Oracle Errata System Oracle Linux 5.3 2012-12-20T00:00:00 Oracle Linux 5 [2.6.18-274.17.1.0.1.el5] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [scsi] add additional scsi medium error handling (John Sobecki) [orabug 12904887] - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - bonding: reread information about speed and duplex when interface goes up (John Haxby) [orabug 11890822] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) [2.6.18-274.17.1.el5] - Revert: [block] add and use scsi_blk_cmd_ioctl (Paolo Bonzini) [752385 752386] {CVE-2011-4127} - Revert: [block] fail SCSI passthrough ioctls on partition devices (Paolo Bonzini) [752385 752386] {CVE-2011-4127} - Revert: [dm] do not forward ioctls from logical volumes to the underlying device (Paolo Bonzini) [752385 752386] {CVE-2011-4127} - Revert: [scsi] fix 32-on-64 block device ioctls (Paolo Bonzini) [752385 752386] {CVE-2011-4127} [2.6.18-274.16.1.el5] - [scsi] fix 32-on-64 block device ioctls (Paolo Bonzini) [752385 752386] {CVE-2011-4127} [2.6.18-274.15.1.el5] - [net] e1000e: Avoid wrong check on TX hang (Dean Nelson) [766485 746272] - [fs] xfs: Fix memory corruption in xfs_readlink (Carlos Maiolino) [749159 749160] {CVE-2011-4077} - [pci] intel-iommu: Default to non-coherent for unattached domains (Don Dutile) [766803 753924] - [fs] nfs: remove BUG() from encode_share_access() (Jeff Layton) [755442 754901] {CVE-2011-4324} - [misc] irq: Check for spurious IRQ only on disabled IRQs (Prarit Bhargava) [759387 756412] - [fs] hfs: add sanity check for file name length (Eric Sandeen) [755432 755433] {CVE-2011-4330} - [fs] proc: Fix select on /proc files without ->poll (David Howells) [755483 751214] - [fs] nfs: Ensure we mark inode as dirty if early exit from commit (Jeff Layton) [755482 714020] - [x86] apic: ack all pending irqs when crashed/on kexec (hiro muneda) [750460 742079] - [virt] kvm: fix regression w/ 32 bit KVM clock (Rik van Riel) [747875 753789 751742 731599] - [virt] kvm: fix lost tick accounting for 32 bit kvm-clock (Rik van Riel) [747875 731599] - [fs] jbd/jbd2: validate sb->s_first in journal_get_superblock (Eryu Guan) [753343 706810] {CVE-2011-4132} - [net] igb: enable link power down (Stefan Assmann) [752735 742514] - [fs] proc: fix oops on invalid /proc/<pid>/maps access (Johannes Weiner) [747851 747699] {CVE-2011-3637} - [block] cciss: bump driver version (Tomas Henzl) [758024 714129] - [block] cciss: need to delay after a PCI Power Management reset (Tomas Henzl) [758024 714129] - [block] cciss: auto engage scsi susbsystem (Tomas Henzl) [758024 714129] - [block] cciss: store pdev in hba struct (Tomas Henzl) [758024 714129] - [block] cciss: use consistent variable names (Tomas Henzl) [758024 714129] - [block] cciss: add a commandline switch for simple mode (Tomas Henzl) [758024 714129] - [fs] proc: close race with exec in mem_read() (Johannes Weiner) [692041 692042] {CVE-2011-1020} - [mm] implement access_remote_vm (Johannes Weiner) [692041 692042] {CVE-2011-1020} - [mm] factor out main logic of access_process_vm (Johannes Weiner) [692041 692042] {CVE-2011-1020} - [mm] use mm_struct to resolve gate vma's in __get_user_pages (Johannes Weiner) [692041 692042] {CVE-2011-1020} - [mm] make in_gate_area take mm_struct instead of a task_struct (Johannes Weiner) [692041 692042] {CVE-2011-1020} - [mm] make get_gate_vma take mm_struct instead of task_struct (Johannes Weiner) [692041 692042] {CVE-2011-1020} - [x86_64] mark assoc mm when running task in 32 bit compat mode (Johannes Weiner) [692041 692042] {CVE-2011-1020} - [misc] sched: add ctx tag to mm running task in ia32 compat mode (Johannes Weiner) [692041 692042] {CVE-2011-1020} - [fs] proc: require the target to be tracable (or yourself) (Johannes Weiner) [692041 692042] {CVE-2011-1020} - [fs] proc: close race in /proc/*/environ (Johannes Weiner) [692041 692042] {CVE-2011-1020} - [fs] proc: report errors in /proc/*/*map* sanely (Johannes Weiner) [692041 692042] {CVE-2011-1020} - [fs] proc: shift down_read(mmap_sem) to the caller (Johannes Weiner) [692041 692042] {CVE-2011-1020} - [fs] detect exec transition phase with new mm but old creds (Johannes Weiner) [692041 692042] {CVE-2011-1020} - [net] igb: fix i350 SR-IOV failture (Stefan Assmann) [741877 714313] - [dm] do not forward ioctls from logical volumes to the underlying device (Paolo Bonzini) [752385 752386] {CVE-2011-4127} - [block] fail SCSI passthrough ioctls on partition devices (Paolo Bonzini) [752385 752386] {CVE-2011-4127} - [block] add and use scsi_blk_cmd_ioctl (Paolo Bonzini) [752385 752386] {CVE-2011-4127} - [fs] nfs: Fix an O_DIRECT Oops (Jeff Layton) [755457 754620] {CVE-2011-4325} - [net] sctp: Fix another race during accept/peeloff (Thomas Graf) [757146 714870] {CVE-2011-4348} - [scsi] isci: fix 32-bit operation when CONFIG_HIGHMEM64G=n (Phillip Lougher) [750458 713904] - [net] tg3: Only allow phy ioctls while netif_running (Phillip Lougher) [746343 683393] [2.6.18-274.14.1.el5] - [input] evdev: Fix spin lock context in evdev_pass_event() (Don Zickus) [744147 734900] - [fs] dcache: Fix dentry loop detection deadlock (David Howells) [754129 717959] - [input] evdev: disable interrupts when processing events (Don Zickus) [744147 734900] [2.6.18-274.13.1.el5] - [fs] dcache: Log ELOOP rather than creating a loop (David Howells) [754129 717959] - [fs] dcache: Fix loop checks in d_materialise_unique (David Howells) [754129 717959] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2011-1020 CVE-2011-3637 CVE-2011-4077 CVE-2011-4132 CVE-2011-4324 CVE-2011-4325 CVE-2011-4330 CVE-2011-4348 Oracle Linux 5 [2.6.26-2.1.12.0.1.el5_7.2] - Add libxml2-enterprise.patch - Replaced docs/redhat.gif in tarball with updated image [2.6.26-2.1.12.el5_7.2] - Fix the semantic of XPath axis for namespace/attribute nodes CVE-2010-4008 - Fix an off by one error in encoding CVE-2011-0216 - Fix some potential problems on reallocation failures CVE-2011-1944 - Fix missing error status in XPath evaluation CVE-2011-2834 - Make sure the parser returns when getting a Stop order CVE-2011-3905 - Fix an allocation error when copying entities CVE-2011-3919.patch - Resolves: rhbz#771906 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2010-4008 CVE-2011-0216 CVE-2011-1944 CVE-2011-2834 CVE-2011-3905 CVE-2011-3919 Oracle Linux 6 [2.7.6-4.0.1.el6_2.1] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.7.6-4.el6_2.1] - Make sure the parser returns when getting a Stop order CVE-2011-3905 - Fix an allocation error when copying entities CVE-2011-3919 - Resolves: rhbz#771913 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2011-3905 CVE-2011-3919 Oracle Linux 5 Oracle Linux 6 [5.3.3-3.5] - remove extra php.ini-prod/devel files caused by %patch -b [5.3.3-3.4] - add security fixes for CVE-2011-4885, CVE-2011-4566 (#769754) MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4566 CVE-2011-4885 Oracle Linux 5 [5.1.6-27.4] - add security fixes for CVE-2011-4885, CVE-2011-4566, CVE-2011-0708, CVE-2011-1148, CVE-2011-1466, CVE-2011-1469, CVE-2011-2202 (#769756) MODERATE Copyright 2012 Oracle, Inc. CVE-2011-0708 CVE-2011-1148 CVE-2011-1466 CVE-2011-1469 CVE-2011-2202 CVE-2011-4566 CVE-2011-4885 Oracle Linux 6 [qemu-kvm-0.12.1.2-2.209.el6_2.4] - kvm-e1000-prevent-buffer-overflow-when-processing-legacy.patch [bz#772081] - Resolves: bz#772081 (EMBARGOED CVE-2012-0029 qemu-kvm: e1000: process_tx_desc legacy mode packets heap overflow [rhel-6.2.z]) [qemu-kvm-0.12.1.2-2.209.el6_2.3] - kvm-Revert-virtio-blk-refuse-SG_IO-requests-with-scsi-of.patch [for bz#767721] - kvm-virtio-blk-refuse-SG_IO-requests-with-scsi-off-v2.patch [bz#767721] - CVE: CVE-2011-4127 - Resolves: bz#767721 (qemu-kvm: virtio-blk: refuse SG_IO requests with scsi=off (CVE-2011-4127 mitigation) [rhel-6.2.z]) [qemu-kvm-0.12.1.2-2.209.el6_2.2] - kvm-virtio-blk-refuse-SG_IO-requests-with-scsi-off.patch [bz#752375] - CVE: CVE-2011-4127 - Resolves: bz#767721 (EMBARGOED qemu-kvm: virtio-blk: refuse SG_IO requests with scsi=off (CVE-2011-4127 mitigation) [rhel-6.3]) - Resolves: bz#767906 (qemu-kvm should be built with full relro and PIE support) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-0029 Oracle Linux 5 [kvm-83-239.0.1.el5_7.1] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [kvm-83-239.el5_7.1] - kvm-e1000-prevent-buffer-overflow-when-processing-legacy.patch [bz#772079] - Resolves: bz#772079 (EMBARGOED CVE-2012-0029 qemu-kvm: e1000: process_tx_desc legacy mode packets heap overflow [rhel-5.7.z]) - kvm-Fix-external-module-compat.c-not-to-use-unsupported-.patch [bz#753860] (build fix) - kvm-kernel-KVM-x86-Prevent-starting-PIT-timers-in-the-absence-o.patch [bz#770100] - Resolves: bz#770100 (CVE-2011-4622 kernel: kvm: pit timer with no irqchip crashes the system [rhel-5.7.z]) [kvm-83-239.el5_7.1] - Updated kversion to 2.6.18-274.17.1.el5 to match build root IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-0029 CVE-2011-4622 Oracle Linux 6 [2.6.32-220.4.1.el6] - [fs] Revert 'proc: enable writing to /proc/pid/mem' (Johannes Weiner) [782649 782650] {CVE-2012-0056} [2.6.32-220.3.1.el6] - [kernel] Remove 'WARNING: at kernel/sched.c:5915' (Larry Woodman) [768288 766051] - [x86] kernel: Fix memory corruption in module load (Prarit Bhargava) [769595 767140] - [kernel] Reset clocksource watchdog after sysrq-t (Prarit Bhargava) [755867 742890] - [x86] AMD: Make tsc=reliable override boot time stability checks (Prarit Bhargava) [755867 742890] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-0056 Oracle Linux 6 [2.12-1.47.el6_2.5] - Avoid high cpu usage when accept fails with EMFILE (#767692) [2.12-1.47.el6_2.4] - Make implementation of ARENAS_TEST and ARENAS_MAX match documentation (#769594) - Check malloc arena atomically (#769594) [2.12-1.47.el6_2.3] - Check values from TZ file header (#767692) [2.12-1.47.el6_2.2] - Correctly reparse group line after enlarging the buffer (#766484) [2.12-1.47.el6_2.1] - Fix grouping and reuse other locales in various locales (#754116) MODERATE Copyright 2012 Oracle, Inc. CVE-2009-5029 CVE-2011-4609 Oracle Linux 6 [1.0.0-20.1] - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770) - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775) - fix for CVE-2011-4577 - possible DoS through malformed RFC 3779 data (#771778) - fix for CVE-2011-4619 - SGC restart DoS attack (#771780) MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4577 CVE-2011-4108 CVE-2011-4576 CVE-2011-4619 Oracle Linux 5 [0.9.8e-20.1] - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770) - fix for CVE-2011-4109 - double free in policy checks (#771771) - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775) - fix for CVE-2011-4619 - SGC restart DoS attack (#771780) MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4619 Oracle Linux 6 [5.1.2-6.1] - Fixed CVE-2010-2642, CVE-2011-0433, CVE-2011-0764, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554 Resolves: rhbz#772900 MODERATE Copyright 2012 Oracle, Inc. CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554 Oracle Linux 6 [1.8.7.352-4] - Address CVE-2011-4815 'DoS (excessive CPU use) via hash meet-in-the-middle attacks (oCERT-2011-003)' * ruby-1.8.7-p352-CVE-2011-4815.patch - Resolves: rhbz#768831 MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4815 Oracle Linux 5 [1.8.5-22.1] - Properly initialize the random number generator when forking new process * ruby-1.8.7-CVE-2011-3009.patch - Related: rhbz#768829 [1.8.5-21.1] - Revert accidential move of tcl/tk libraries. - Related: rhbz#768829 [1.8.5-20.1] - Address CVE-2011-4815 "DoS (excessive CPU use) via hash meet-in-the-middle attacks (oCERT-2011-003)" * ruby-1.8.7-CVE-2011-4815.patch - Resolves: rhbz#768829 MODERATE Copyright 2012 Oracle, Inc. CVE-2011-3009 CVE-2011-4815 Oracle Linux 5 Oracle Linux 6 firefox: [3.6.26-1.0.1.el6_2] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [3.6.26-1] - Update to 3.6.26 xulrunner: [1.9.2.26-1.0.1.el6_2] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [1.9.2.26-1] - Update to 1.9.2.26 CRITICAL Copyright 2012 Oracle, Inc. CVE-2011-3659 CVE-2011-3670 CVE-2012-0442 CVE-2012-0444 CVE-2012-0449 Oracle Linux 6 [3.1.18-1.0.1.el6_2] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [3.1.18-1] - Update to 3.1.18 CRITICAL Copyright 2012 Oracle, Inc. CVE-2011-3659 CVE-2011-3670 CVE-2012-0442 CVE-2012-0449 Oracle Linux 5 [5.3.3-1.6] - add security fix for CVE-2012-0830 (#786757) CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-0830 Oracle Linux 5 Oracle Linux 6 [5.3.3-3.6] - add security fix for CVE-2012-0830 (#786743) CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-0830 Oracle Linux 5 Oracle Linux 6 [8.70-11:.6] - Applied upstream fix to last patch (CVE-2010-4054, bug #646086). [8.70-11:.5] - Applied patch to prevent null pointer dereference (CVE-2010-4054, bug #646086). [8.70-11:.4] - Don't ship patch backup files for CVE-2010-2055. [8.70-11:.3] - Applied patch to prevent integer underflow in TrueType bytecode interpreter (CVE-2009-3743, bug #627902). - Applied patch to avoid reading initialization files from CWD (CVE-2010-2055, bug #599564). MODERATE Copyright 2012 Oracle, Inc. CVE-2009-3743 CVE-2010-2055 CVE-2010-4054 CVE-2010-4820 Oracle Linux 5 [1.4.8-5.0.1.el5_7.13] - Remove Redhat splash screen images [1.4.8-5.13] - fix typo in CVE-20210-4555 patch [1.4.8-5.12] - patch for CVE-2010-2813 was not complete [1.4.8-5.11] - fix: CVE-2010-1637 : Port-scans via non-standard POP3 server ports in Mail Fetch plugin - fix: CVE-2010-2813 : DoS (disk space consumption) by random IMAP login attempts with 8-bit characters in the password - fix: CVE-2010-4554 : Prone to clickjacking attacks - fix: CVE-2010-4555 : Multiple XSS flaws [tag handling] - fix: CVE-2011-2752 : CRLF injection vulnerability - fix: CVE-2011-2753 : CSRF in the empty trash feature and in Index Order page MODERATE Copyright 2012 Oracle, Inc. CVE-2010-1637 CVE-2010-2813 CVE-2010-4554 CVE-2010-4555 CVE-2011-2023 CVE-2011-2752 CVE-2011-2753 Oracle Linux 6 [5.1.61-1.el6_2.1] - Update to 5.1.61, for assorted upstream bugfixes including numerous CVEs announced in January 2012 Resolves: #787191 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2011-2262 CVE-2012-0075 CVE-2012-0087 CVE-2012-0101 CVE-2012-0102 CVE-2012-0112 CVE-2012-0113 CVE-2012-0114 CVE-2012-0115 CVE-2012-0116 CVE-2012-0118 CVE-2012-0119 CVE-2012-0120 CVE-2012-0484 CVE-2012-0485 CVE-2012-0490 CVE-2012-0492 Oracle Linux 5 [2.6.18-274.18.1.0.1.el5] - [net] bonding: fix carrier detect when bond is down (John Haxby) [orabug 13652598] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [scsi] add additional scsi medium error handling (John Sobecki) [orabug 12904887] - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) [2.6.18-274.18.1.el5] - [misc] Move exit_robust_list to mm_release, null lists on cleanup (Laszlo Ersek) [771774 750283] {CVE-2012-0028} - [block] disable SG_IO ioctls on virtio-blk devices (Paolo Bonzini) [773322 771592] - [scsi] fix 32-on-64 block device ioctls (Paolo Bonzini) [752385 752386] {CVE-2011-4127} - [dm] do not forward ioctls from logical volumes to the underlying device (Paolo Bonzini) [752385 752386] {CVE-2011-4127} - [block] fail SCSI passthrough ioctls on partition devices (Paolo Bonzini) [752385 752386] {CVE-2011-4127} - [block] add and use scsi_blk_cmd_ioctl (Paolo Bonzini) [752385 752386] {CVE-2011-4127} - [fs] ext4: fix BUG_ON() in ext4_ext_insert_extent() (Lukas Czerner) [747943 747946] {CVE-2011-3638} - [scsi] don't fail scans when host is in recovery (Rob Evers) [772162 657345] - [fs] jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) [783477 783284] {CVE-2011-4086} - [net] igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Jiri Pirko) [772868 772869] {CVE-2012-0207} IMPORTANT Copyright 2012 Oracle, Inc. CVE-2011-3638 CVE-2011-4127 CVE-2012-0207 CVE-2011-4086 CVE-2012-0028 Oracle Linux 5 [2.5-65.el5_7.3] - Use correct type when casting d_tag (#767687) - Report write error in addmnt even for cached streams (#767687) - ldd: Never run file directly (#767687). - Workaround misconfigured system (#767687) [2.5-65.el5_7.2] - Check values from TZ file header (#767687) MODERATE Copyright 2012 Oracle, Inc. CVE-2009-5064 CVE-2011-1089 CVE-2010-0830 CVE-2009-5029 CVE-2011-4609 Oracle Linux 5 [5.0.95-1.el5_7.1] - Update to 5.0.95, to get the last upstream bugfixes in this release series including numerous CVEs announced in January 2012 Resolves: #787140 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0075 CVE-2012-0087 CVE-2012-0101 CVE-2012-0102 CVE-2012-0114 CVE-2012-0484 CVE-2012-0490 CVE-2010-1849 Oracle Linux 6 [2.2.15-15.0.1.el6_2.1] - replace index.html with Oracle's index page oracle_index.html update vstring in specfile [2.2.15-15.1] - add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 (#787598) - obviates fix for CVE-2011-3638, patch removed MODERATE Copyright 2012 Oracle, Inc. CVE-2011-3607 CVE-2011-3639 CVE-2011-4317 CVE-2012-0031 CVE-2012-0053 Oracle Linux 6 [1:1.6.0.0-1.43.1.10.6] - Updated to IcedTea6 1.10.6 - Resolves: rhbz#787144 - Security fixes - S7082299: Fix in AtomicReferenceArray - S7088367: Fix issues in java sound - S7110683: Issues with some KeyboardFocusManager method - S7110687: Issues with TimeZone class - S7110700: Enhance exception throwing mechanism in ObjectStreamClass - S7110704: Issues with some method in corba - S7112642: Incorrect checking for graphics rendering object - S7118283: Better input parameter checking in zip file processing - S7126960: Add property to limit number of request headers to the HTTP Server - Bug fixes - RH580478: Desktop files should not use hardcoded path - Removed upstreamed patch7 - java-1.6.0-openjdk-6_2-Z-rmi-fix.patch CRITICAL Copyright 2012 Oracle, Inc. CVE-2011-3563 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2011-3571 CVE-2011-5035 CVE-2012-0507 Oracle Linux 5 Oracle Linux 6 [1.2.3-4.1] - fix CVE-2012-0444 (#787076) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-0444 Oracle Linux 6 [2007-57] - fix CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554, texlive various flaws (#773183) MODERATE Copyright 2012 Oracle, Inc. CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554 Oracle Linux 6 [3.1.18-2.0.1.el6_2] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [3.1.18-2] - added fix for mozbz#727401 CRITICAL Copyright 2012 Oracle, Inc. CVE-2011-3026 Oracle Linux 5 Oracle Linux 6 [1.9.2.26-2.0.1.el6_2] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [1.9.2.26-2] - added fix for mozbz#727401 CRITICAL Copyright 2012 Oracle, Inc. CVE-2011-3026 Oracle Linux 5 [kvm-83-249.0.1.el5] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch - modify kversion to fix build failure [kvm-83-249.el5] - kvm-kernel-KVM-x86-Prevent-starting-PIT-timers-in-the-absence-o.patch [bz#770101] - CVE: CVE-2011-4622 - Resolves: bz#770101 (CVE-2011-4622 kernel: kvm: pit timer with no irqchip crashes the system [rhel-5.8]) [kvm-83-248.el5] - kvm-e1000-prevent-buffer-overflow-when-processing-legacy.patch [bz#772080] - CVE: CVE-2012-0029 - Resolves: bz#772080 (EMBARGOED CVE-2012-0029 qemu-kvm: e1000: process_tx_desc legacy mode packets heap overflow [rhel-5.8]) [kvm-83-247.el5] - kvm-kernel-KVM-Remove-ability-to-assign-a-device-without-iommu-.patch [bz#770095] - kvm-kernel-KVM-Device-assignment-permission-checks.patch [bz#770095] - Resolves: bz#770095 (CVE-2011-4347 kernel: kvm: device assignment DoS [rhel-5.8]) [kvm-83-246.el5] - kvm-Fix-SIGFPE-for-vnc-display-of-width-height-1.patch [bz#751482] - Resolves: bz#751482 (Backport SIGFPE fix in qemu-kvm VNC to RHEL5.x) [kvm-83-245.el5] - kvm-Fix-external-module-compat.c-not-to-use-unsupported-.patch [bz#753860] - Resolves: bz#753860 (Fix kvm userspace compilation on RHEL-5 to match the kernel changes) [kvm-83-244.el5] - kvm-do-not-change-RTC-stored-time-accidentally.patch [bz#703335] - Resolves: bz#703335 (KVM guest clocks jump forward one hour on reboot) [kvm-83-243.el5] - kvm-e1000-multi-buffer-packet-support.patch [bz#703446] - kvm-e1000-clear-EOP-for-multi-buffer-descriptors.patch [bz#703446] - kvm-e1000-verify-we-have-buffers-upfront.patch [bz#703446] - kvm-BZ725876-make-RTC-alarm-work.patch [bz#725876] - kvm-BZ725876-fix-RTC-polling-mode.patch [bz#725876] - Resolves: bz#703446 (Failed to ping guest after MTU is changed) - Resolves: bz#725876 (RTC interrupt problems with RHEL5 qemu/kvm (0.10 based) on 2.6.38+ guest kernels.) [kvm-83-242.el5] - kvm-posix-aio-compat-fix-latency-issues.patch [bz#725629] - Resolves: bz#725629 (RHEL5.5 KVM VMs freezing for a few seconds) [kvm-83-241.el5] - kvm-pci-assign-limit-number-of-assigned-devices-via-hotp.patch [bz#701616] - kvm-pci-assign-Cleanup-file-descriptors.patch [bz#700281] - Resolves: bz#700281 ([Intel 5.8 Bug] Fail to attach/detach NIC more than 250 times) - Resolves: bz#701616 (limitation on max number of assigned devices does not take effect if hot-plug pci devices) [kvm-83-240.el5] - Updated kversion to 2.6.18-275.el to match build root - kvm-Fix-vga-segfaults-or-screen-corruption-with-large-me.patch [bz#704081] - Resolves: bz#704081 (mouse responds very slowly with huge memory) MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4347 Oracle Linux 5 kernel - 2.6.18-308.0.0.0.1.el5 - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] MODERATE Copyright 2012 Oracle, Inc. CVE-2011-1083 Oracle Linux 5 kernel [2.6.18-308.el5] - [scsi] lpfc: Update lpfc version for 8.2.0.108.4p driver release (Rob Evers) [784073] - [scsi] lpfc: Fix FCP EQ memory check init w/single int vector (Rob Evers) [784073] [2.6.18-307.el5] - [s390] crypto: Reset sha2 index after processing partial block (David Howells) [677860] - Revert: [fs] xfs: implement ->dirty_inode to fix timestamp (Eric Sandeen) [653215] [2.6.18-306.el5] - [s390] pfault: ignore leftover completion interrupts (Jarod Wilson) [753194] - [cpufreq] powernow-k8: Fix indexing issue (Frank Arnold) [782773] - [scsi] device_handler: optimize transition retries (Rob Evers) [733635] - [net] qlge: fix size of external list for TX address descriptors (Chad Dupuis) [772696] - [net] igmp: Avoid zero delay when rx'ing odd mix of IGMP queries (Jiri Pirko) [772869] - [net] be2net: create RSS rings even in multi-channel configs (Ivan Vecera) [773114] - [net] ipv6: track device renames in snmp6 (Andy Gospodarek) [758923] - [fs] jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) [783284] {CVE-2011-4086} - [fs] epoll: workarounds to preserve kernel ABI (Jason Baron) [681692] {CVE-2011-1083} - [fs] epoll: limit paths (Jason Baron) [681692] {CVE-2011-1083} - [fs] epoll: prevent creating circular epoll structures (Jason Baron) [681692] {CVE-2011-1083} - [fs] epoll: add ep_call_nested() (Jason Baron) [681692] {CVE-2011-1083} - [fs] gfs2: additional fix for inode allocation error path (Robert S Peterson) [767377] - [fs] gfs2: Revert clean up fsync changes (Robert S Peterson) [767377] - [fs] ext4: ignore EXT4_INODE_JOURNAL_DATA flag with delalloc (Lukas Czerner) [769386] - [mm] filemap: Make write(2) interruptible by a fatal signal (Lukas Czerner) [740898] - [mm] Make task in balance_dirty_pages killable (Lukas Czerner) [740898] - [fs] ext4: fix the deadlock in mpage_da_map_and_submit (Lukas Czerner) [740898] - [fs] ext4: fix deadlock in ext4_ordered_write_end (Lukas Czerner) [740898] - [fs] ext4: mark multi-page IO complete on mapping failure (Lukas Czerner) [740898] - [fs] ext4: make invalidate pages handle page range properly (Lukas Czerner) [740898] - [fs] ext4: call mpage_da_submit_io from mpage_da_map_blocks (Lukas Czerner) [740898] - [fs] nfsd: Avoid excess stack usage in svc_tcp_recvfrom (J. Bruce Fields) [765751] - [fs] nfsd: Replace two page lists in struct svc_rqst with one (J. Bruce Fields) [765751] [2.6.18-305.el5] - [edac] i5000: don't crash before showing the edac error (Mauro Carvalho Chehab) [713034] - [Documentation] Add pci=noseg to kernel-parameters.txt (Prarit Bhargava) [743168] - [net] ipv6: fix tcp_v6_conn_request (Jiri Benc) [714670] - [redhat] update RHEL_MINOR to 8 for 5.8 release (Jarod Wilson) [773033] - [misc] Move exit_robust_list to mm_release, null lists on cleanup (Laszlo Ersek) [750283] {CVE-2012-0028} - [fs] nfs: Fix an O_DIRECT Oops (Jeff Layton) [754620] {CVE-2011-4325} - [xen] x86: fix a few 32-on-64 compat mode issues (Igor Mammedov) [700752] [2.6.18-304.el5] - [fs] gfs2: Fix inode allocation error path (Robert S Peterson) [767377] - [fs] gfs2: Clean up fsync (Robert S Peterson) [767377] - [misc] fix list_head userspace export regression error (Jarod Wilson) [772663] - [block] disable SG_IO ioctls on virtio-blk devices (Paolo Bonzini) [771592] - [net] cxgb4: fix firmware corruption (Neil Horman) [756661] - [net] be2net: remove incorrect calls to netif_carrier_off (Ivan Vecera) [771391] - [scsi] lpfc: Update lpfc version for 8.2.0.108.3p driver release (Rob Evers) [769385] - [scsi] lpfc: Fix panic during EEH recovery on SLI4 FC port (Rob Evers) [769385] - [scsi] lpfc: Fix a crash while deleting 256 vports (Rob Evers) [769385] - [scsi] lpfc: Fixed OCM failing *_OBJECT mailbox pass-through (Rob Evers) [769385] - [scsi] lpfc: Fixed firmware download regression (Rob Evers) [769385] - [scsi] lpfc: Fix system crash when LPe16000 fails to initialize (Rob Evers) [769385] [2.6.18-303.el5] - [scsi] qla2xxx: Update FC-transport port_state translation matrix (Chad Dupuis) [765866] - [scsi] qla2xxx: Don't call alloc_fw_dump for ISP82XX (Chad Dupuis) [765866] - [scsi] qla2xxx: Remove qla2x00_wait_for_loop_ready function (Chad Dupuis) [765866] - [scsi] qla2xxx: Display FCP_CMND priority on update (Chad Dupuis) [765866] - [scsi] qla2xxx: Check for SCSI status on underruns (Chad Dupuis) [765866] - [scsi] qla4xxx: v5.02.04.02.05.08-d0 (Chad Dupuis) [769019] - [scsi] qla4xxx: clear the RISC interrupt bit during firmware init (Chad Dupuis) [769019] - [scsi] qla4xxx: v5.02.04.01.05.08-d0 (Chad Dupuis) [758762] - [scsi] qla4xxx: Fix panic due to incorrect tag_value_stride (Chad Dupuis) [758762] - [fs] xfs: implement ->dirty_inode to fix timestamp handling (Carlos Maiolino) [653215] - [net] drop_monitor: return -EAGAIN on duplicate state changes (Neil Horman) [688791] - [net] ipv6: make disable_ipv6 work (Weiping Pan) [760199] - [net] bnx2x: fix failure to bring link up on BCM57810 (Michal Schmidt) [751025] - [scsi] isci: link speeds default to gen2 (David Milburn) [768151] - [fs] jbd: fix race in buffer processing in commit code (Josef Bacik) [756643] - [s390] kernel: cpu hotplug vs missing pfault completion interrupt (Hendrik Brueckner) [753194] - [block] loop: Don't call loop_unplug on non-configured device (Veaceslav Falico) [617668] - [virt] xen/netback: Clear IFF_TX_SKB_SHARING flags (Neil Horman) [753173] - [scsi] sd: fix 32-on-64 block device ioctls (Paolo Bonzini) [752386] {CVE-2011-4127} - [md] dm: do not forward ioctls from LVs to the underlying devices (Paolo Bonzini) [752386] {CVE-2011-4127} - [block] fail SCSI passthrough ioctls on partition devices (Paolo Bonzini) [752386] {CVE-2011-4127} - [block] add and use scsi_blk_cmd_ioctl (Paolo Bonzini) [752386] {CVE-2011-4127} [2.6.18-302.el5] - [redhat] configs: Include generic ppc64 opts on all ppc64 configs (Alexander Gordeev) [748426] - [fs] xfs: don't block on buffer read errors (Boris Ranto) [709223] - [fs] nfs: Display lookupcache option in /proc/mounts (Sachin Prabhu) [706305] - [net] bonding: Don't allow mode change via sysfs w/slaves present (Veaceslav Falico) [768208] - [net] be2net: Fix disabling multicast promiscuous mode (Ivan Vecera) [751998] - [net] be2net: Fix endian issue in RX filter command (Ivan Vecera) [751998] - [net] be2net: Changing MAC Address of a VF was broken (Ivan Vecera) [751998] - [net] be2net: don't create multiple rings in multi channel mode (Ivan Vecera) [751998] - [net] be2net: Making die temperature ioctl call async (Ivan Vecera) [751998] - [net] be2net: Fix Endian issues in response read log length field (Ivan Vecera) [751998] - [net] be2net: Change data type of on die temperature stat (Ivan Vecera) [751998] - [net] be2net: Add 60 second delay for dump on recovery from EEH (Ivan Vecera) [751998] - [net] be2net: Show newly flashed FW ver in ethtool (Ivan Vecera) [751998] - [net] be2net: increase FW update completion timeout (Ivan Vecera) [751998] - [net] be2net: Fix race in posting rx buffers (Ivan Vecera) [751998] - [net] be2net: Store vid from grp5 event instead of vlan_tag (Ivan Vecera) [751998] - [net] be2net: drop pkts that do not belong to the port (Ivan Vecera) [751998] - [fs] ext4: fix BUG_ON() in ext4_ext_insert_extent() (Lukas Czerner) [747946] {CVE-2011-3638} [2.6.18-301.el5] - [net] e1000e: Avoid wrong check on TX hang (Dean Nelson) [746272] - [net] tg3: Fix TSO loopback test (John Feeney) [755202] - [net] ipvs: Fix memory leak when using one packet scheduler (Thomas Graf) [757882] - [net] ipv6: Defer device init until valid qdisc specified (Neil Horman) [758736] - [block] nbd: prevent sock_xmit from attempting to use NULL socket (Jeff Moyer) [676491] - [net] tg3: Scale back code that modifies MRRS (John Feeney) [758882] - [fs] xfs: Fix memory corruption in xfs_readlink (Carlos Maiolino) [749160] {CVE-2011-4077} - [net] cxgb3: key cxgb3 driver to work based on NETIF_F_GRO (Neil Horman) [754709] - [net] cxgb3: fix vfree BUG halt in rcu calback (Neil Horman) [756410] - [net] ipv4: fix IN_DEV_ACCEPT_LOCAL() (Weiping Pan) [758993] - [misc] cpu: Fix APIC calibration issues on VMware (Prarit Bhargava) [743368] - [net] igb: Loopback functionality support for i350 devices (Stefan Assmann) [758059] [2.6.18-300.el5] - [pci] intel-iommu: Default to non-coherent for unattached domains (Don Dutile) [753924] - [scsi] bfa: update driver embedded firmware to 3.0.0.0 (Rob Evers) [752972] - [scsi] bnx2i: Fix endian on TTT for NOP out transmission (Mike Christie) [752626] - [input] evdev: Fix spin lock context in evdev_pass_event() (Don Zickus) [734900] - [net] bnx2x: Add new PHY BCM54616 (Michal Schmidt) [733889] - [scsi] ipr: add definitions for additional adapter (Steve Best) [753910] - [scsi] ipr: Fix BUG on adapter dump timeout (Steve Best) [753910] - [scsi] ipr: Add support to flash FPGA and flash back DRAM images (Steve Best) [753910] - [scsi] ipr: Stop reading adapter dump prematurely (Steve Best) [753910] - [char] rtc: fix reported IRQ rate for when HPET is enabled (Prarit Bhargava) [740299] - [block] cciss: add Smart Array 5i to the kdump blacklist (Tomas Henzl) [752690] - [scsi] qla4xxx: Update version number to V5.02.04.00.05.08-d0 (Chad Dupuis) [714214] - [scsi] qla4xxx: Do not recover adapter if in FAILED state (Chad Dupuis) [714214] - [scsi] qla4xxx: Fix duplicate targets in BIOS do not show up (Chad Dupuis) [714214] - [scsi] qla4xxx: Fix rmmod kernel trace with ql4xdontresethba=1 (Chad Dupuis) [714214] - [scsi] qla4xxx: Add ql4xmaxcmds Command Line Parameter (Chad Dupuis) [714214] - [scsi] qla4xxx: Correct the locking mechanism (Chad Dupuis) [714214] - [scsi] qla4xxx: Minidump implementation (Chad Dupuis) [714214] - [scsi] qla4xxx: Device quiescent and loopback changes (Chad Dupuis) [714214] - [scsi] qla4xxx: Add new FLT firmware region (Chad Dupuis) [714214] - [scsi] qla4xxx: Prevent CPU lockups when ql4xdontresethba is set (Chad Dupuis) [714214] - [scsi] qla4xxx: Updated the reset sequence for ISP82xx (Chad Dupuis) [714214] - [scsi] qla4xxx: set set_ddb_entry with correct dma buffer (Chad Dupuis) [714214] - [scsi] qla4xxx: Reset retry_relogin_timer to trigger a relogin (Chad Dupuis) [714214] - [scsi] qla4xxx: Update ddb_entry on fw_ddb_index changes (Chad Dupuis) [714214] - [scsi] qla4xxx: BFS issue when same target devices added twice (Chad Dupuis) [714214] - [scsi] qla4xxx: mark device missing in recover adapter (Chad Dupuis) [714214] - [scsi] qla4xxx: Perform context resets on context failures (Chad Dupuis) [714214] - [scsi] qla4xxx: show hardware/firmware regs for more debug info (Chad Dupuis) [714214] - [scsi] qla4xxx: Pass correct fw_ddb_index to abort_task (Chad Dupuis) [714214] - [scsi] qla4xxx: check command already completed when abort issued (Chad Dupuis) [714214] - [scsi] qla4xxx: Use os_target_id to identify a session (Chad Dupuis) [714214] - [fs] dcache: Fix dentry loop detection deadlock (David Howells) [717959] - [net] cxgb4: fix ability to disable tx cksum and change tso (Neil Horman) [754711] - [fs] nfs: when attempting dir open, fall back on normal lookup (Jeff Layton) [740162] - [fs] nfs: remove BUG() from encode_share_access() (Jeff Layton) [754901] - [fs] epoll: use up all the timeout (Jason Baron) [705138] - [s390] qdio: avoid race leading to stall if CQ is used (Hendrik Brueckner) [753193] - [scsi] libsas: disable scanning lun > 0 on ata devices (David Milburn) [749309] - [scsi] isci: atapi support (David Milburn) [749309] - [scsi] isci: initial sgpio write support (David Milburn) [743965] - [scsi] isci: fix sgpio register definitions (David Milburn) [743965] - [scsi] isci: export phy events via ->lldd_control_phy() (David Milburn) [747670] - [scsi] isci: port state should be set to stopping on last phy (David Milburn) [747670] - [scsi] isci: fix decode of DONE_CRC_ERR TC completion status (David Milburn) [747670] - [scsi] isci: SATA/STP I/O only returned in normal path to libsas (David Milburn) [747670] - [scsi] isci: fix support for large smp requests (David Milburn) [747670] - [scsi] isci: fix missed unlock in apc_agent_timeout() (David Milburn) [747670] - [scsi] isci: fix event-get pointer increment (David Milburn) [747670] - [scsi] isci: add version number (David Milburn) [747670] - [scsi] isci: dynamic interrupt coalescing (David Milburn) [747670] - [scsi] isci: fix sata response handling (David Milburn) [747670] - [scsi] isci: Leave requests alone if already terminating (David Milburn) [747670] - [misc] irq: Check for spurious IRQ only on disabled IRQs (Prarit Bhargava) [756412] - [net] sctp: Fix another race during accept/peeloff (Thomas Graf) [714870] - [net] bonding: change slave->speed from u16 to u32 (Weiping Pan) [747547] - [scsi] bnx2i: set PF_NOFREEZE in IO thread (Mike Christie) [753729] - [fs] hfs: add sanity check for file name length (Eric Sandeen) [755433] {CVE-2011-4330} - [fs] aio: remove upper bound on retries (Jeff Moyer) [753271] [2.6.18-299.el5] - [scsi] be2iscsi: Move driver Version to 4.1.239.0 (Mike Christie) [744343] - [scsi] be2iscsi: memset wrb for ring create (Mike Christie) [744343] - [scsi] be2iscsi: Fix for when task->sc was cleaned up earlier (Mike Christie) [744343] - [scsi] be2iscsi: Fix for wrong dmsg setting in wrb (Mike Christie) [744343] - [scsi] be2iscsi: Fix for kdump failure (Mike Christie) [744343] - [net] ethtool: Support large register dumps (Neil Horman) [753200] - [fs] proc: Fix select on /proc files without ->poll (David Howells) [751214] - [net] igb: bump version to reflect RHEL5.8 updates (Stefan Assmann) [754359] - [fs] dcache: Log ELOOP rather than creating a loop (David Howells) [717959] - [fs] dcache: Fix loop checks in d_materialise_unique (David Howells) [717959] - [fs] nfs: Ensure we mark inode as dirty if early exit from commit (Jeff Layton) [714020] - [scsi] qla2xxx: Update the 4G and 8G firmware to 5.06.03 (Chad Dupuis) [750362] - [x86] apic: ack all pending irqs when crashed/on kexec (hiro muneda) [742079] - [net] cxgb3: Fix VLAN over Jumbo frames (Neil Horman) [753053] - [net] cxgb3: Fix out of bounds index of adapter_info (Neil Horman) [753044] [2.6.18-298.el5] - [security] keys: Fix NULL deref in user-defined key type (David Howells) [751301] {CVE-2011-4110} - [fs] dlm: delayed reply message warning (David Teigland) [677413] - [virt] kvm: fix regression w/ 32 bit KVM clock (Rik van Riel) [731599 751742] - [net] bonding: update speed/duplex for NETDEV_CHANGE (Weiping Pan) [747547] [2.6.18-297.el5] - [scsi] megaraid_sas: add workaround for PERC5/1068 kdump panic (Tomas Henzl) [745964] - [fs] jbd/jbd2: validate sb->s_first in journal_get_superblock (Eryu Guan) [706810] - [net] tg3: Remove 5719 jumbo frames and TSO blocks (John Feeney) [743117] - [net] tg3: Break larger frags into 4k chunks for 5719 (John Feeney) [743117] - [net] tg3: Add tx BD budgeting code (John Feeney) [743117] - [net] tg3: Consolidate code that calls tg3_tx_set_bd() (John Feeney) [743117] - [net] tg3: Add partial fragment unmapping code (John Feeney) [743117] - [net] tg3: Generalize tg3_skb_error_unmap() (John Feeney) [743117] - [net] tg3: Simplify tx bd assignments (John Feeney) [743117] - [net] tg3: Reintroduce tg3_tx_ring_info (John Feeney) [743117] - [net] tg3: Add TSO loopback test (John Feeney) [743117] - [net] tg3: Cleanup transmit error path (John Feeney) [743117] - [scsi] lpfc: Update lpfc version for 8.2.0.108.2p driver release (Rob Evers) [747348] - [scsi] lpfc: Fix kernel build warnings (Rob Evers) [747348] - [scsi] lpfc: Fix crash when cfg_fcp_eq_count is zero (Rob Evers) [747348] - [scsi] lpfc: Fix COMMON_GET_CNTL_ATTR mbox cmd failure (Rob Evers) [747348] - [scsi] lpfc: Fix SLI4 device detecting physical port name (Rob Evers) [747348] - [scsi] lpfc: Fix reporting of firmware versions that contain an X (Rob Evers) [747348] - [scsi] lpfc: Fix kernel crash during boot with SLI4 card (Rob Evers) [747348] - [scsi] lpfc: Fixed RPI leaks in ELS protocol handling (Rob Evers) [747348] - [scsi] lpfc: Properly clean up EQ and CQ child lists (Rob Evers) [747348] - [scsi] lpfc: Fixed NPIV FDISC failure on SLI4 if-type 2 ports (Rob Evers) [747348] - [scsi] lpfc: Fixed failure to do IP reset on SLI4 error (Rob Evers) [747348] - [scsi] lpfc: Fixed fcp underrun reporting (Rob Evers) [747348] - [scsi] lpfc: Fix sysfs lists fabric name for disconnected port (Rob Evers) [747348] - [scsi] lpfc: change SLI_CONFIG mailbox cmd timeout to 300 seconds (Rob Evers) [747348] - [scsi] lpfc: Fix handling IP reset when PCI read return error (Rob Evers) [747348] - [scsi] lpfc: Fixed casting problem (Rob Evers) [747348] - [scsi] lpfc: Fix error code return for management API (Rob Evers) [747348] - [scsi] lpfc: Fix sli4 mailbox status code (Rob Evers) [747348] - [scsi] lpfc: Fixed incomplete scsi messages displayed (Rob Evers) [747348] - [net] igb: Fix for Alt MAC Address feature on 82580 and later (Stefan Assmann) [748792] - [net] igb: enable link power down (Stefan Assmann) [742514] - [net] netfilter: Search all chains if drop due to max conntrack (Thomas Graf) [713222] - [x86] hwmon: enable i5k_amb driver to get memory resource (Dean Nelson) [736032] - [xen] ia64: fix compile warning added by watchdog timers (Laszlo Ersek) [742880] [2.6.18-296.el5] - [net] bonding: Have bond_check_dev_link examine netif_running (Ivan Vecera) [736172] - [net] be2net: enable NETIF_F_LLTX and add own locking of Tx path (Ivan Vecera) [731806] - [net] be2net: fix multicast filter programming (Ivan Vecera) [731806] - [net] be2net: fix cmd-rx-filter not notifying MCC (Ivan Vecera) [731806] - [net] be2net: use RX_FILTER cmd to program multicast addresses (Ivan Vecera) [731806] - [fs] cifs: fix wrong buffer length returned by SendReceive (Sachin Prabhu) [720363] - [net] ipv6: allow DAD to be disabled (Jiri Benc) [709271] - [xen] Watchdog timers for domains (Laszlo Ersek) [742880] [2.6.18-295.el5] - [net] tg3: put back 5717_PLUS for 5719 and 5720 (John Feeney) [749866] - [s390] qdio: EQBS retry after CCQ 96 (Hendrik Brueckner) [749058] - [fs] nfs: re-add call to filemap_fdatawrite (David Jeffery) [748999] - [x86] Add missing CPU feature flags for AMD Bulldozer (Frank Arnold) [712517] - [usb] input/wacom: add support for Bamboo MTE-450A (Aristeu Rozanski) [710066] - [fs] gfs2: Add readahead to sequential directory traversal (Robert S Peterson) [681902] - [fs] gfs2: Cache dir hash table in a contiguous buffer (Robert S Peterson) [681902] [2.6.18-294.el5] - [misc] modsign: Clean up canonlist properly during sig verify (Jiri Olsa) [485173] - [virt] kvm: fix lost tick accounting for 32 bit kvm-clock (Rik van Riel) [731599] - [fs] epoll: fix integer overflow warning (Jason Baron) [705138] - [net] bonding: allow all slave speeds (Jiri Pirko) [699661] - [net] bonding: fix string comparison errors (Andy Gospodarek) [680332] - [fs] vfs: fix automount should ignore LOOKUP_FOLLOW (Ian Kent) [560103] - [fs] proc: fix oops on invalid /proc/<pid>/maps access (Johannes Weiner) [747699] {CVE-2011-3637} - [fs] file: do not kfree vmalloc'd file table arrays (Johannes Weiner) [738238] - [net] bnx2x: fix bad pointer arithmetic causing memory corruption (Michal Schmidt) [747579] - [net] bnx2x: restore bnx2x/cnic/bnx2i update (Jarod Wilson) [715383 715388 715604] - [misc] remove div_long_long_rem (Prarit Bhargava) [732614] {CVE-2011-3209} - [net] bridge: fix use after free in __br_deliver (Amerigo Wang) [703045] {CVE-2011-2942} [2.6.18-293.el5] - [redhat] configs: Increase the maximum allowed number of UART's (Mauro Carvalho Chehab) [684874] - [net] igb: add entropy support option (Stefan Assmann) [605703] - [net] bnx2x: revert bnx2x/cnic/bnx2i update (Jarod Wilson) [715383 715388 715604] - [virt] xen/netback: disable features not supported by netfront (Paolo Bonzini) [746225] - [fs] jbd: Fix forever sleeping process in do_get_write_access (Harshula Jayasuriya) [745345] - [fs] jbd2: Fix forever sleeping process in do_get_write_access (Harshula Jayasuriya) [745345] - [s390] crypto: Toleration for ap bus devices with device type 10 (Hendrik Brueckner) [744859] - [cpufreq] powernow-k8: add missing unregister_cpu_notifier (Prarit Bhargava) [743961] - [misc] cpu: make set_mtrr disable interrupts before sending IPI (Shyam Iyer) [739631] - [net] cxgb3: Update to latest upstream for rhel5.8 (Neil Horman) [717807] - [infiniband] cxgb3: backport upstream fixes for rhel5.8 (Neil Horman) [717433] - [net] mlx4: remove duplicate rounddown_pow_of_two (Jarod Wilson) [714232] - [x86] Fix suspend/resume on AMD IOMMUs (Matthew Garrett) [712296] - [acpi] Backport pm_qos support to rhel5 (Matthew Garrett) [691954] - [ipc] shm: add RSS and swap size information to /proc/sysvipc/shm (Jerome Marchand) [638652] - [ipc] shm: fix 32-bit truncation of segment sizes (Jerome Marchand) [638652] - [usb] host: slow down ehci ITD reuse (Don Zickus) [571737] - [usb] host: Fix EHCI ISO transfer bug (Don Zickus) [571737] - [usb] host: fix bug in ehci Iso scheduling (Don Zickus) [571737] - [usb] host: ehci completes high speed ISO URBs sooner (Don Zickus) [571737] - [xen] x86: introduce cpuid whitelist (Andrew Jones) [526862 711070] [2.6.18-292.el5] - [scsi] megaraid: fix FastPath and update to v5.40 (Tomas Henzl) [717698] - [net] netxen: Add pcie fw load perf drop workaround (Chad Dupuis) [714239] - [net] netxen: add vlan LRO support (Chad Dupuis) [714239] - [net] netxen: add fw version compatibility check (Chad Dupuis) [714239] - [net] netxen: Remove casts of void * (Chad Dupuis) [714239] - [net] netxen: fix race in skb->len access (Chad Dupuis) [714239] - [net] netxen: Remove unnecessary semicolons (Chad Dupuis) [714239] - [net] netxen: suppress false lro warning messages (Chad Dupuis) [714239] - [net] netxen: Fix common misspellings (Chad Dupuis) [714239] - [net] netxen: Add support for VLAN RX HW acceleration (Chad Dupuis) [714239] - [scsi] qla2xxx: Update the 4G and 8G firmware to 5.06.01 (Chad Dupuis) [714236] - [scsi] qla2xxx: Updated the driver version to 8.03.07.09.05.08-k. (Chad Dupuis) [714206] - [scsi] qla2xxx: properly set the port number. (Chad Dupuis) [714206] - [scsi] qla2xxx: Check for marker IOCB during response queue processing. (Chad Dupuis) [714206] - [scsi] qla2xxx: Retrun sysfs error codes appropriate to conditions (Chad Dupuis) [714206] - [scsi] qla2xxx: Handle MPI timeout indicated by AE8002 (Chad Dupuis) [714206] - [scsi] qla2xxx: Use port number to compute nvram/vpd parameter offsets. (Chad Dupuis) [714206] - [scsi] qla2xxx: Change from irq to irqsave with host_lock (Chad Dupuis) [714206] - [scsi] qla2xxx: Check for golden firmware and show version if available. (Chad Dupuis) [714206] - [scsi] qla2xxx: Issue mailbox command only when firmware hung bit is reset for ISP82xx. (Chad Dupuis) [714206] - [scsi] qla2xxx: Correct inadvertent loop state transitions during port-update handling. (Chad Dupuis) [714206] - [scsi] qla2xxx: Update to the beacon implementation. (Chad Dupuis) [714206] - [scsi] qla2xxx: Add support for ISP82xx to capture dump (minidump) on failure. (Chad Dupuis) [714206] - [scsi] qla2xxx: Check for marker IOCB during response queue processing. (Chad Dupuis) [714206] - [scsi] qla2xxx: Fix qla24xx revision check while enabling interrupts. (Chad Dupuis) [714206] - [scsi] qla2xxx: Check to see if a request has completed before calling qla2x00_block_error_handler() in the abort handler. (Chad Dupuis) [714206] - [scsi] qla2xxx: Acquire hardware lock while manipulating dsd list. (Chad Dupuis) [714206] - [scsi] qla2xxx: Double check for command completion if abort mailbox command fails. (Chad Dupuis) [714206] - [scsi] qla2xxx: Fix array out of bound warning. (Chad Dupuis) [714206] - [scsi] qla2xxx: Prevent CPU lockups when module param is set. (Chad Dupuis) [714206] - [scsi] qla2xxx: Provide method for updating I2C attached VPD. (Chad Dupuis) [714206] - [scsi] qla2xxx: Enable write permission to some debug related module parameters to be changed dynamically. (Chad Dupuis) [714206] - [scsi] qla2xxx: Implemented beacon on/off for ISP82XX. (Chad Dupuis) [714206] - [scsi] qla2xxx: Check alterante 'reason' code during GPSC status handling. (Chad Dupuis) [714206] - [scsi] qla2xxx: During loopdown perform Diagnostic loopback. (Chad Dupuis) [714206] - [scsi] qla2xxx: Refactor call to qla2xxx_read_sfp for thermal temperature. (Chad Dupuis) [714206] - [scsi] qla2xxx: Unify the read/write sfp mailbox command routines (Chad Dupuis) [714206] - [scsi] qla2xxx: Correct read sfp single byte mailbox register. (Chad Dupuis) [714206] - [scsi] qla2xxx: Clear complete initialization control block. (Chad Dupuis) [714206] - [scsi] qla2xxx: Allow an override of the registered maximum LUN. (Chad Dupuis) [714206] - [scsi] qla2xxx: Add host number in reset and quiescent message logs. (Chad Dupuis) [714206] - [scsi] qla2xxx: Correct buffer start in edc sysfs debug print. (Chad Dupuis) [714206] - [scsi] qla2xxx: Correction to sysfs edc interface. (Chad Dupuis) [714206] - [scsi] qla2xxx: Improve logging of exception conditions when creating NPIV ports. (Chad Dupuis) [714206] - [scsi] qla2xxx: Log if firmware fails to load from flash for ISP82xx. (Chad Dupuis) [714206] - [scsi] qla2xxx: Add test for valid loop id on fabric relogin. (Chad Dupuis) [714206] - [scsi] qla2xxx: Don't wait for active mailbox command completion when firmware is hung. (Chad Dupuis) [714206] - [misc] dcache: exclude new automount functions from kabi (Ian Kent) [560103] - [fs] autofs4: rename follow_down_one to follow_down for kabi (Ian Kent) [560103] - [fs] autofs4: rename d_managed to d_mounted to preserve kabi (Ian Kent) [560103] - [fs] vfs: remove LOOKUP_NO_AUTOMOUNT flag (Ian Kent) [560103] - [fs] vfs: Fix the remaining automounter semantics regressions (Ian Kent) [560103] - [fs] vfs: Add LOOKUP_AUTOMOUNT flag for pathname lookup (Ian Kent) [560103] - [fs] vfs: automount should ignore LOOKUP_FOLLOW (Ian Kent) [560103] - [fs] vfs: Fix automount for negative autofs dentries (Ian Kent) [560103] - [fs] vfs: Remove a further kludge from __do_follow_link (Ian Kent) [560103] - [fs] autofs4: bump version (Ian Kent) [560103] - [fs] autofs4: reinstate last used update on access (Ian Kent) [560103] - [fs] autofs4: add v4 pseudo direct mount support (Ian Kent) [560103] - [fs] autofs4: fix wait validation (Ian Kent) [560103] - [fs] autofs4: cleanup autofs4_free_ino (Ian Kent) [560103] - [fs] autofs4: cleanup dentry operations (Ian Kent) [560103] - [fs] autofs4: cleanup inode operations (Ian Kent) [560103] - [fs] autofs4: removed unused code (Ian Kent) [560103] - [fs] autofs4: add d_manage dentry operation (Ian Kent) [560103] - [fs] autofs4: add d_automount dentry operation (Ian Kent) [560103] - [fs] vfs: Make follow_down handle d_manage (Ian Kent) [560103] - [fs] vfs: Make d_mounted a more general field for special functs (Ian Kent) [560103] - [fs] vfs: Add AT_NO_AUTOMOUNT flag to suppress terminal automount (Ian Kent) [560103] - [fs] cifs: Use d_automount rather than abusing follow_link (Ian Kent) [560103] - [fs] nfs: Use d_automount rather than abusing follow_link (Ian Kent) [560103] - [fs] namei: Add dentry op for automount, don't use follow_link (Ian Kent) [560103] - [fs] namei: rename struct path to vfs_path (Ian Kent) [560103] - [fs] autofs4: rename dentry to expiring in _lookup_expiring (Ian Kent) [560103] - [fs] autofs4: rename dentry to active in autofs4_lookup_active() (Ian Kent) [560103] - [fs] autofs4: eliminate d_unhashed in path walk checks (Ian Kent) [560103] - [fs] autofs4: cleanup active and expire lookup (Ian Kent) [560103] - [fs] autofs4: rename unhashed to active in autofs4_lookup() (Ian Kent) [560103] - [fs] autofs4: use autofs_info for pending flag (Ian Kent) [560103] - [fs] autofs4: use helper for need mount check (Ian Kent) [560103] - [fs] autofs4: use helpers for expiring list (Ian Kent) [560103] - [fs] autofs4: use helpers for active list handling (Ian Kent) [560103] [2.6.18-291.el5] - [fs] nfs: don't redirty inodes with no outstanding commits (Jeff Layton) [739665] - [edac] i7core_edac: Init memory name with cpu, channel, bank (Mauro Carvalho Chehab) [731824] - [message] mptsas: upgrade version string to 3.04.20rh (Tomas Henzl) [717707] - [message] mptsas: Fix device offline from aggressive HBA reset (Tomas Henzl) [717707] - [message] mptsas: Better handling of DEAD IOC PCI-E Link down err (Tomas Henzl) [717707] - [message] mptsas: Set max_sector count from module parameter (Tomas Henzl) [717707] - [message] mptsas: check SILI bit in READ_6 CDB for DATA UNDERRUN (Tomas Henzl) [717707] - [message] mptsas: Fix annoying warning (Tomas Henzl) [717707] - [message] mptsas: Remove debug print from mptscsih_qcmd() (Tomas Henzl) [717707] - [message] mptsas: do not check serial_number in the abort handler (Tomas Henzl) [717707] - [scsi] lpfc: Update version for 8.2.0.108.1p driver release (Rob Evers) [714290] - [scsi] lpfc: Fix stall when fw reset to port without privs (Rob Evers) [714290] - [scsi] lpfc: Fix uninit local var portstat_reg compiler warning (Rob Evers) [714290] - [scsi] lpfc: Fix request fw support for little endian systems (Rob Evers) [714290] - [scsi] lpfc: Fix default adapter name for the OCe15100 (Rob Evers) [714290] - [scsi] lpfc: Fix proper error code return value for hba resets (Rob Evers) [714290] - [scsi] lpfc: Fix cable pull failure on intf type 2 SLI-4 adapters (Rob Evers) [714290] - [scsi] lpfc: Fix omission of fcf priority failover sysfs entry (Rob Evers) [714290] - [scsi] lpfc: Fix SLI port recovery error attention with RN set (Rob Evers) [714290] - [scsi] lpfc: Fix crashes when unsolicted ELS ECHO_CMD received (Rob Evers) [714290] - [scsi] lpfc: Fix direct connect not coming up for SLI4 FC ports (Rob Evers) [714290] - [scsi] lpfc: Update version for 8.2.0.108 driver release (Rob Evers) [714290] - [scsi] lpfc: Fix fw update to match new firmware image format (Rob Evers) [714290] - [scsi] lpfc: Fix SLI4 CT handling for sequences > 4K (Rob Evers) [714290] - [scsi] lpfc: Fixed handling of unsolicited frames for vports (Rob Evers) [714290] - [scsi] lpfc: Fixed crash when aborting els IOs (Rob Evers) [714290] - [scsi] lpfc: Fixed handling of CVL for vports (Rob Evers) [714290] - [scsi] lpfc: Fix up CT and oxid/rxid for unsol rcv frames (Rob Evers) [714290] - [scsi] lpfc: Fix duplicate log numbers caused by merge (Rob Evers) [714290] - [scsi] lpfc: Fixed compiler warning with file_operations struct (Rob Evers) [714290] - [scsi] lpfc: Added fcf priority record selection for fcf failover (Rob Evers) [714290] - [scsi] lpfc: Fix excess memory on stack compiler warning (Rob Evers) [714290] - [scsi] lpfc: Update version for 8.2.0.107 driver release (Rob Evers) [714290] - [scsi] lpfc: Fix listhbas stall w/remote initiators in zone (Rob Evers) [714290] - [scsi] lpfc: Fix not building in debugfs if CONFIG_DEBUG_FS=y (Rob Evers) [714290] - [scsi] lpfc: Fix FC/FCoE Async Receive CQE not scaling (Rob Evers) [714290] - [scsi] lpfc: iDiag added SLI4 PCI BAR reigster access methods (Rob Evers) [714290] - [scsi] lpfc: iDiag cmd structure indexing by using macro defines (Rob Evers) [714290] - [scsi] lpfc: iDiag multi-buffer mbox command capture and dump ext (Rob Evers) [714290] - [scsi] lpfc: SLI4 loopback test and link diagnostic support (Rob Evers) [714290] - [scsi] lpfc: FLOGI payload has Multiple IDs on enable_npiv clear (Rob Evers) [714290] - [scsi] lpfc: log when writeable parameters are changed (Rob Evers) [714290] - [scsi] lpfc: Fix ASIC SYSFS failed multi-buffer fw download (Rob Evers) [714290] - [scsi] lpfc: Fix mbox cmd release memory leak (Rob Evers) [714290] - [scsi] lpfc: merge debugfs ASIC extents info into iDiag framework (Rob Evers) [714290] - [scsi] lpfc: wait for port status reg for ready after fw reset (Rob Evers) [714290] - [scsi] lpfc: Consolidated duplicating macro definitions (Rob Evers) [714290] - [scsi] lpfc: Remove sharp define from codebase (Rob Evers) [714290] - [scsi] lpfc: Implement debugfs support for resource extents (Rob Evers) [714290] - [scsi] lpfc: iDiag r/w bitset/clear access to new ASIC ctl regs (Rob Evers) [714290] - [scsi] lpfc: Fix mbox command failure with multiple large buffers (Rob Evers) [714290] - [scsi] lpfc: iDiag endian explicit dumping (Rob Evers) [714290] - [scsi] lpfc: iDiag debugfs method for dumping mbox from SLI4 (Rob Evers) [714290] - [scsi] lpfc: request PCI reset to support EEH recover on P7 (Rob Evers) [714290] - [scsi] lpfc: iDiag debugfs inline mbox cmd capture and dump (Rob Evers) [714290] - [scsi] lpfc: Fix enabling of PCIe AER (Rob Evers) [714290] - [scsi] lpfc: Fix EEH recovery to save state after SLI4 PCI reset (Rob Evers) [714290] - [scsi] lpfc: INIT_LIST_HEAD to lpfc_mgmt_issue_sli_cfg_ext_mbox (Rob Evers) [714290] - [scsi] lpfc: new ASIC mgmt pass-through mbox multi-buffer ext (Rob Evers) [714290] - [scsi] lpfc: Fix FC Port swap on SLI3 adapters (Rob Evers) [714290] - [scsi] lpfc: Fix Virtual link loss during failover test (Rob Evers) [714290] - [scsi] lpfc: Fix vpi initialization in lpfc_init_vfi (Rob Evers) [714290] - [scsi] lpfc: show 16 Gbit in FC host supported_speeds sysfs entry (Rob Evers) [714290] - [scsi] lpfc: support reseting firmware and device from sysfs entry (Rob Evers) [714290] - [scsi] lpfc: support firmware dump obj file to flash filesystem (Rob Evers) [714290] - [scsi] lpfc: Add firmware upgrade code to driver (Rob Evers) [714290] - [scsi] lpfc: add delay following IF_TYPE_2 function reset (Rob Evers) [714290] - [scsi] lpfc: Fragment ELS & SCSI SGE lists via Extent regions (Rob Evers) [714290] - [scsi] lpfc: Fixed potential missed SLI4 init failure conditions (Rob Evers) [714290] - [scsi] lpfc: Add model names for new hardware (Rob Evers) [714290] - [scsi] lpfc: Set max SGE size to 0x80000000 where possible (Rob Evers) [714290] - [scsi] lpfc: Fix discovery failure in private loop (Rob Evers) [714290] - [scsi] lpfc: Fix SLI3 and non-NPIV crashes with new extent code (Rob Evers) [714290] - [scsi] lpfc: Refactor lpfc_sli4_alloc_extent some more (Rob Evers) [714290] - [scsi] lpfc: Restore mbox can fail as nonerror functionality (Rob Evers) [714290] - [scsi] lpfc: Fix build warnings in 8.2.0.102 (Rob Evers) [714290] - [scsi] lpfc: Use HDRR bit to determine if RPI headers are needed (Rob Evers) [714290] - [scsi] lpfc: Don't post RPI Headers if port supports extents (Rob Evers) [714290] - [scsi] lpfc: ASIC mgmt multi-buffer mbox passthrough support (Rob Evers) [714290] - [scsi] lpfc: Update version for 8.2.0.102 driver release (Rob Evers) [714290] - [scsi] lpfc: Add MAILBOX_MGMT_MAX define (Rob Evers) [714290] - [scsi] lpfc: Refactor code in lpfc_sli4_alloc_extent (Rob Evers) [714290] - [scsi] lpfc: start new ASIC device management support work (Rob Evers) [714290] - [scsi] lpfc: Fix port capabilities and get parameters mbox calls (Rob Evers) [714290] - [scsi] lpfc: Fix SLI2 crashes with new extent code (Rob Evers) [714290] - [scsi] lpfc: Fix mbox processing to not overwrite status codes (Rob Evers) [714290] - [scsi] lpfc: enumerate members starting from none zero value (Rob Evers) [714290] - [scsi] lpfc: Remove workaround for extents endian issue (Rob Evers) [714290] - [scsi] lpfc: Call correct mbox cleanup routine after extent alloc (Rob Evers) [714290] - [scsi] lpfc: extent block list cleanup and free memory resources (Rob Evers) [714290] - [scsi] lpfc: Fix memory leak in extent block lists (Rob Evers) [714290] - [scsi] lpfc: Modified variables for XRIs to be unsigned variable (Rob Evers) [714290] - [scsi] lpfc: support for nonembedded Extent mailbox IOCTLs (Rob Evers) [714290] - [scsi] lpfc: Fixed compilation error/warning in sli code (Rob Evers) [714290] - [scsi] lpfc: Rework SLI4 Extents code (Rob Evers) [714290] - [scsi] lpfc: Update version for 8.2.0.101 driver release (Rob Evers) [714290] - [scsi] lpfc: Fixed mask size for the wq_id mask (Rob Evers) [714290] - [scsi] lpfc: Fix Port Error detected during POST (Rob Evers) [714290] - [scsi] lpfc: Apply dropped patch from initial new ASIC bring up (Rob Evers) [714290] - [scsi] lpfc: Rework SLI4 Extents code (Rob Evers) [714290] - [scsi] lpfc: Reorganize CQ and EQ usage to comply with SLI4 Specs (Rob Evers) [714290] - [scsi] lpfc: Fix KERN levels on log messages 3008, 2903, 0383 (Rob Evers) [714290] - [scsi] lpfc: Initial checkin of SLI4 Extents code (Rob Evers) [714290] - [scsi] lpfc: Fix ASIC mbox queue id collision with work queue id (Rob Evers) [714290] - [scsi] lpfc: work on systems with Page Size Larger than 4k (Rob Evers) [714290] - [scsi] lpfc: set constant sysfs passthrough mbox cmd maximum size (Rob Evers) [714290] - [scsi] lpfc: Fix FCFI incorrect on received unsolicited frames (Rob Evers) [714290] - [scsi] lpfc: Update version for 8.2.0.100 driver release (Rob Evers) [714290] - [scsi] lpfc: Add LOG_ELS message to NPIV LOGO (Rob Evers) [714290] - [scsi] lpfc: move multi-buffer macros into shared IOCTL header (Rob Evers) [714290] - [scsi] lpfc: Update version for 8.2.0.99 driver release (Rob Evers) [714290] - [scsi] lpfc: Fix build warning in debugfs code (Rob Evers) [714290] - [scsi] lpfc: iDiag debugfs SLI4 doorbell reigster access methods (Rob Evers) [714290] - [scsi] lpfc: Fix RQ_CREATE version 1 fails (Rob Evers) [714290] - [scsi] lpfc: Add Temporary RPI field to the ELS request WQE (Rob Evers) [714290] - [scsi] lpfc: Allow SLI4 with FCOE_MODE not set on new FC adapters (Rob Evers) [714290] - [scsi] lpfc: only look at BAR2 or BAR4 only for if_type 0 (Rob Evers) [714290] - [scsi] lpfc: iDiag debugfs SLI4 display index info in decimal (Rob Evers) [714290] - [scsi] lpfc: iDiag debugfs SLI4 device queue entry access methods (Rob Evers) [714290] - [scsi] lpfc: Update copyright date for all changed files (Rob Evers) [714290] - [scsi] lpfc: Update version for 8.2.0.98 driver release (Rob Evers) [714290] - [scsi] lpfc: Fixed the compiler warning in current code (Rob Evers) [714290] - [scsi] lpfc: handle PCI Link drop detection failure (Rob Evers) [714290] - [scsi] lpfc: Add selective reset jump table entry (Rob Evers) [714290] - [scsi] lpfc: Update version for 8.2.0.97 driver release (Rob Evers) [714290] - [scsi] lpfc: lower stack use in lpfc_fc_frame_check (Rob Evers) [714290] - [scsi] lpfc: fix comment typo diable -> disable (Rob Evers) [714290] - [scsi] lpfc: fix comment/printk typos (Rob Evers) [714290] - [scsi] lpfc: Add new Queue create Mailbox versions for new ASIC (Rob Evers) [714290] - [scsi] lpfc: Place LPFC driver module parameters in sysfs (Rob Evers) [714290] - [scsi] lpfc: Fix compile warning for iDiag (Rob Evers) [714290] - [scsi] lpfc: Performance Hints support (Rob Evers) [714290] - [scsi] lpfc: Add new driver interfaces for encryption products (Rob Evers) [714290] - [scsi] lpfc: iDiag driver support debugfs queue information get (Rob Evers) [714290] - [scsi] lpfc: iDiag debugfs PCI cfg reg bits set/clear methods (Rob Evers) [714290] - [scsi] lpfc: iDiag debugfs framework and r/w PCI cfg space regs (Rob Evers) [714290] - [block] cciss: bump driver version (Tomas Henzl) [714129] - [block] cciss: need to delay after a PCI Power Management reset (Tomas Henzl) [714129] - [block] cciss: auto engage scsi susbsystem (Tomas Henzl) [714129] - [block] cciss: store pdev in hba struct (Tomas Henzl) [714129] - [block] cciss: use consistent variable names (Tomas Henzl) [714129] - [block] cciss: add a commandline switch for simple mode (Tomas Henzl) [714129] - [fs] proc: close race with exec in mem_read() (Johannes Weiner) [692042] {CVE-2011-1020} - [mm] implement access_remote_vm (Johannes Weiner) [692042] {CVE-2011-1020} - [mm] factor out main logic of access_process_vm (Johannes Weiner) [692042] {CVE-2011-1020} - [mm] use mm_struct to resolve gate vma's in __get_user_pages (Johannes Weiner) [692042] {CVE-2011-1020} - [mm] make in_gate_area take mm_struct instead of a task_struct (Johannes Weiner) [692042] {CVE-2011-1020} - [mm] make get_gate_vma take mm_struct instead of task_struct (Johannes Weiner) [692042] {CVE-2011-1020} - [x86_64] mark assoc mm when running task in 32 bit compat mode (Johannes Weiner) [692042] {CVE-2011-1020} - [misc] sched: add ctx tag to mm running task in ia32 compat mode (Johannes Weiner) [692042] {CVE-2011-1020} - [fs] proc: require the target to be tracable (or yourself) (Johannes Weiner) [692042] {CVE-2011-1020} - [fs] proc: close race in /proc/*/environ (Johannes Weiner) [692042] {CVE-2011-1020} - [fs] proc: report errors in /proc/*/*map* sanely (Johannes Weiner) [692042] {CVE-2011-1020} - [fs] proc: shift down_read(mmap_sem) to the caller (Johannes Weiner) [692042] {CVE-2011-1020} - [fs] detect exec transition phase with new mm but old creds (Johannes Weiner) [692042] {CVE-2011-1020} - [net] tg3: call netif_carrier_off to initialize operstate value (John Feeney) [635982] - [net] tg3: Update to plus (John Feeney) [715409] - [net] tg3: Update to 3.119 (John Feeney) [715409] - [net] tg3: Update to 3.118 (John Feeney) [683393 699545] - [net] tg3: Update to 3.117 (John Feeney) [715409] - [xen] make test_assign_device domctl dependent on intremap hw (Laszlo Ersek) [740203] - [xen] Propagate target dom within XEN_DOMCTL_test_assign_device (Laszlo Ersek) [740203] [2.6.18-290.el5] - [net] e1000: don't enable dma rx until after dma address setup (Dean Nelson) [714318] - [net] e1000: save skb counts in TX to avoid cache misses (Dean Nelson) [714318 742124] - [net] e1000: Fix driver to be used on PA RISC C8000 workstations (Dean Nelson) [714318] - [net] e1000: repair missing flush operations (Dean Nelson) [714318] - [net] e1000: always do e1000_check_for_link on e1000_ce4100 MACs (Dean Nelson) [714318] - [scsi] be2iscsi: Add pci_disable device (Mike Christie) [714292] - [scsi] be2iscsi: Adding a shutdown Routine (Mike Christie) [713816 714292] - [scsi] be2iscsi: Fix /proc/interrupts problem (Mike Christie) [714292] - [scsi] be2iscsi: remove host and session casts (Mike Christie) [714292] - [scsi] be2iscsi: Use struct scsi_lun in iscsi structs (Mike Christie) [714292] - [scsi] be2iscsi: fix chip cleanup (Mike Christie) [714292] - [scsi] be2iscsi: fix boot hang due to interrupts not rearmed (Mike Christie) [714292] - [scsi] be2iscsi: Fix for proper setting of FW (Mike Christie) [714292] - [scsi] be2iscsi: Set a timeout to FW (Mike Christie) [714292] - [scsi] be2iscsi: remove extra semicolons (Mike Christie) [714292] - [scsi] be2iscsi: Fix common misspellings (Mike Christie) [714292] - [scsi] be2iscsi: tmp revert Fix MSIX interrupt names fix (Mike Christie) [714292] - [infiniband] cxgb4: Fail RDMA initialization on unsupported cards (Steve Best) [713943] - [infiniband] cxgb4: Couple of abort fixes (Steve Best) [713943] - [infiniband] cxgb4: Don't truncate MR lengths (Steve Best) [713943] - [infiniband] cxgb4: Don't exceed hw IQ depth limit for user CQs (Steve Best) [713943] - [hwmon] lm78: Make ISA interface depend on CONFIG_ISA (Dean Nelson) [713815] - [hwmon] lm78: Avoid forward declarations (Dean Nelson) [713815] - [hwmon] lm78: Stop abusing struct i2c_client for ISA devices (Dean Nelson) [713815] - [hwmon] lm78: Detect alias chips (Dean Nelson) [713815] - [hwmon] don't build drivers for ppc that touch ISA addresses (Dean Nelson) [713815] - [char] CONFIG_TELCLOCK depends on X86 (Dean Nelson) [713815] - [misc] add oprofile support for Sandy Bridge (John Villalovos) [713666] - [net] ixgbe: update to upstream version 3.4.8-k (Andy Gospodarek) [713110 714013 714314] - [net] e1000e: fix WoL on 82578DM and 82567V3 (Andy Gospodarek) [712773] - [fs] gfs2: Call gfs2_meta_wipe for directory hash blocks (Abhijith Das) [706616] - [net] bonding: resolve failover problems related to jiffy wrap (Andy Gospodarek) [693258] - [fs] nfs: Don't call iput holding nfs_access_cache_shrinker lock (Steve Dickson) [585935] - [block] improve detail in I/O error messages (Mike Snitzer) [516170] - [md] dm-mpath: propagate target errors immediately (Mike Snitzer) [516170] - [scsi] Correctly handle thin provisioning write error (Mike Snitzer) [516170] - [md] dm-mpath: sync pushback code with upstream (Mike Snitzer) [516170] - [scsi] Add detailed SCSI I/O errors (Mike Snitzer) [516170] - [scsi] Fix sense key MEDIUM ERROR processing and retry (Mike Snitzer) [516170] - [scsi] fix error propagation (Mike Snitzer) [516170] - [scsi] fix recovered error handling (Mike Snitzer) [516170] - [scsi] simplify scsi_io_completion() (Mike Snitzer) [516170] - [scsi] fix barrier failure and error propagation issues (Mike Snitzer) [516170] [2.6.18-289.el5] - [scsi] libsas: amend device gone notification in sas_deform_port (David Milburn) [742356] - [scsi] libsas: fix up device gone notification in sas_deform_port (David Milburn) [742356] - [scsi] libsas: fix loopback topology bug during discovery (David Milburn) [742356] - [scsi] libsas: fix SATA NCQ error (David Milburn) [742356] - [scsi] libsas: fix ATAPI check condition termination (David Milburn) [742356] - [net] fix low throughput when using vlan over bonding (Flavio Leitner) [742318] - [net] core/netpoll: clean skb->next before pushing it down (Flavio Leitner) [741374] - [net] sfc: Use MCDI RX_BAD_FCS_PKTS count as MAC rx_bad count (Michal Schmidt) [739077] - [md] raid5: fix raid6 resync corruption bug (Doug Ledford) [738984] - [scsi] scsi_lib: pause between error retries (Rob Evers) [736809] - [md] return an error code when we don't fail a drive (Doug Ledford) [736697] - [fs] nfs: update nfs4_fattr_bitmap_maxsz (Steve Dickson) [735477] - [net] ipv6: fix refcnt problem related to POSTDAD state (Weiping Pan) [723411] - [net] bnx2x: update FW to 7.0.23 (Michal Schmidt) [715383 715388 715604] - [scsi] bnx2i: driver update for 5.8 (Michal Schmidt) [715383 715388 715604] - [net] cnic: driver update for 5.8, part 2 (Michal Schmidt) [715383 715388 715604] - [net] bnx2x: fix undesired VLAN stripping (Michal Schmidt) [715383 715388 715604] - [net] bnx2x: driver update for 5.8, part 3 (Michal Schmidt) [715383 715388 715604] - [net] bnx2x: 57712 parity handling (Michal Schmidt) [715383 715388 715604] - [net] bnx2x, cnic, bnx2i: New 7.0 Firmware (Michal Schmidt) [715383 715388 715604] - [net] bnx2x: driver update for 5.8, part 2 (Michal Schmidt) [715383 715388 715604] - [net] cnic: driver update for 5.8, part 1 (Michal Schmidt) [715383 715388 715604] - [net] bnx2x, cnic: Disable iSCSI if DCBX negotiation succeeds (Michal Schmidt) [715383 715388 715604] - [net] bnx2x: driver update for 5.8, part 1 (Michal Schmidt) [715383 715388 715604] - [net] bnx2x: temporarily revert BCM57710 bringup fix (Michal Schmidt) [715383 715388 715604] - [misc] ethtool: Add 20G bit definitions (Michal Schmidt) [715383 715388 715604] include (Dean Nelson) [714318] - [net] ixgbevf: update to upstream version 2.1.0-k (Andy Gospodarek) [714317] - [net] e1000e: update to upstream version 1.4.4 (Andy Gospodarek) [714315] - [net] bna: Multiple Definition and Interface Setup Fix (Ivan Vecera) [714019] - [net] bna: Driver Version changed to 3.0.2.2 (Ivan Vecera) [714019] - [net] bna: Add Callback to Fix RXQ Stop (Ivan Vecera) [714019] - [net] bna: PLL Init Fix and Add Stats Attributes (Ivan Vecera) [714019] - [net] bna: Brocade 1860 HW Enablement (Ivan Vecera) [714019] - [net] bna: new firmware for new hardware (Ivan Vecera) [714019] - [net] bna: Implement FW Download for New HW (Ivan Vecera) [714019] - [net] bna: Capability Map and MFG Block Changes for New HW (Ivan Vecera) [714019] - [net] bna: Brocade 1860 IOC PLL, Reg Defs and ASIC Mode Changes (Ivan Vecera) [714019] - [net] bna: PCI Probe Conf Lock Fix (Ivan Vecera) [714019] - [net] bna: Semaphore Lock Fix (Ivan Vecera) [714019] - [net] bna: Set Ring Param Fix (Ivan Vecera) [714019] - [net] bna: Eliminate Small Race Condition Window in RX Path (Ivan Vecera) [714019] - [net] bna: make function tables cont (Ivan Vecera) [714019] - [net] bna: Driver Version changed to 3.0.2.1 (Ivan Vecera) [714019] - [net] bna: MBOX IRQ Flag Check after Locking (Ivan Vecera) [714019] - [net] bna: Initialization and Locking Fix (Ivan Vecera) [714019] - [net] bna: Ethtool Enhancements and Fix (Ivan Vecera) [714019] - [net] bna: Async Mode Tx Rx Init Fix (Ivan Vecera) [714019] - [net] bna: Formatting and Code Cleanup (Ivan Vecera) [714019] - [net] bna: TX Path and RX Path Changes (Ivan Vecera) [714019] - [net] bna: Interrupt Polling and NAPI Init Changes (Ivan Vecera) [714019] - [net] bna: PCI Probe Fix (Ivan Vecera) [714019] - [net] bna: Naming Change and Minor Macro Fix (Ivan Vecera) [714019] - [net] bna: off by one in bfa_msgq_rspq_pi_update() (Ivan Vecera) [714019] - [net] bna: unlock on error path in pnad_pci_probe() (Ivan Vecera) [714019] - [net] bna: Driver Version changed to 3.0.2.0 (Ivan Vecera) [714019] - [net] bna: Remove Obsolete Files (Ivan Vecera) [714019] - [net] bna: Remove Unused Code (Ivan Vecera) [714019] - [net] bna: firmware update for new (v3) bna driver (Ivan Vecera) [714019] - [net] bna: ENET and Tx Rx Redesign Enablement (Ivan Vecera) [714019] - [net] bna: Add New HW Defs (Ivan Vecera) [714019] - [net] bna: Tx and Rx Redesign (Ivan Vecera) [714019] - [net] bna: Introduce ENET as New Driver and FW Interface (Ivan Vecera) [714019] - [net] bna: MSGQ Implementation (Ivan Vecera) [714019] - [net] bna: Remove Obsolete File bfi_ctreg.h (Ivan Vecera) [714019] - [net] bna: Consolidated HW Registers for Supported HWs (Ivan Vecera) [714019] - [net] bna: Remove get_regs Ethtool Support (Ivan Vecera) [714019] - [net] bna: HW Interface Init Update (Ivan Vecera) [714019] - [net] bna: Remove Unnecessary CNA Check (Ivan Vecera) [714019] - [net] bna: Header File Consolidation (Ivan Vecera) [714019] - [net] bna: HW Error Counter Fix (Ivan Vecera) [714019] - [net] bna: Add HW Semaphore Unlock Logic (Ivan Vecera) [714019] - [net] bna: IOC Event Name Change (Ivan Vecera) [714019] - [net] bna: Mboxq Flush When IOC Disabled (Ivan Vecera) [714019] - [net] bna: Minor IRQ Index and Definition Change (Ivan Vecera) [714019] - [net] bna: State Machine Fault Handling Cleanup (Ivan Vecera) [714019] - [net] bna: IOC Event Notification Enhancement (Ivan Vecera) [714019] - [net] bna: CheckPatch Cleanup (Ivan Vecera) [714019] - [net] bna: Print Driver Version (Ivan Vecera) [714019] - [net] bna: Separate irq type flags from request_irq variable (Ivan Vecera) [714019] - [net] bna: use netdev_alloc_skb_ip_align() (Ivan Vecera) [714019] - [net] bna: Fix bad kzalloc call with interrupts disabled (Ivan Vecera) [714019] - [net] bna: Remove casts of void * (Ivan Vecera) [714019] - [net] bna: fix warning bfa_ioc_smem_pgoff defined but not used (Ivan Vecera) [714019] - [net] bna: Fix set-but-unused variables (Ivan Vecera) [714019] - [net] bna: convert to hw_features (Ivan Vecera) [714019] - [scsi] bfa: update firmware to version 3.0.2.2 (Rob Evers) [714017] - [scsi] bfa: Update the driver version to 3.0.2.2 (Rob Evers) [714017] - [scsi] bfa: Add support to store driver configuration in flash (Rob Evers) [714017] - [scsi] bfa: Added support to configure QOS and collect stats (Rob Evers) [714017] - [scsi] bfa: Added support to collect and reset fcport stats (Rob Evers) [714017] - [scsi] bfa: Add support for IO profiling (Rob Evers) [714017] - [scsi] bfa: Check supported speed based on port mode (Rob Evers) [714017] - [scsi] bfa: Update RME interrupt handling (Rob Evers) [714017] - [scsi] bfa: Add FC-transport Async Event Notification support (Rob Evers) [714017] - [scsi] bfa: Update the driver version to 3.0.2.1 (Rob Evers) [714017] - [scsi] bfa: Driver enhancements (Rob Evers) [714017] - [scsi] bfa: Added support to query PHY (Rob Evers) [714017] - [scsi] bfa: Added HBA diagnostics support (Rob Evers) [714017] - [scsi] bfa: Added support for flash configuration (Rob Evers) [714017] - [scsi] bfa: Added support to obtain SFP info (Rob Evers) [714017] - [scsi] bfa: Added support for CEE info and stats query (Rob Evers) [714017] - [scsi] bfa: Add IOCFC enable cbfn and stats changes (Rob Evers) [714017] - [scsi] bfa: FCS bug fixes (Rob Evers) [714017] - [scsi] bfa: DMA memory allocation enhancement (Rob Evers) [714017] - [scsi] bfa: Brocade-1860 Fabric Adapter vHBA support (Rob Evers) [714017] - [scsi] bfa: Brocade-1860 Fabric Adapter PLL init fixes (Rob Evers) [714017] - [scsi] bfa: Added Fabric Assigned Address(FAA) support (Rob Evers) [714017] - [scsi] bfa: IOC bug fixes (Rob Evers) [714017] - [scsi] bfa: Enable ASIC block configuration and query (Rob Evers) [714017] - [scsi] bfa: Update the driver version to 3.0.2.0 (Rob Evers) [714017] - [scsi] bfa: Driver initialization and model description fix (Rob Evers) [714017] - [scsi] bfa: Enhancement for fcpim and IO tag handling (Rob Evers) [714017] - [scsi] bfa: FC credit recovery and misc bug fixes (Rob Evers) [714017] - [scsi] bfa: 1860 Adapter 16Gbs support and flash controller fixes (Rob Evers) [714017] - [scsi] bfa: IOC and PLL init changes for Brocade-1860 Adapter (Rob Evers) [714017] - [scsi] bfa: support vport disable and enable operations (Rob Evers) [714017] - [scsi] bfa: Brocade-1860 Fabric Adapter Hardware Enablement (Rob Evers) [714017] - [scsi] bfa: Add pbc port disable check and fix LPS message name (Rob Evers) [714017] - [scsi] bfa: Introduce IOC event notification mechanism (Rob Evers) [714017] - [scsi] bfa: add generic address len pair for DMA memory chunk (Rob Evers) [714017] - [scsi] bfa: Move debugfs initialization before bfa init (Rob Evers) [714017] - [net] cxgb4: driver update for RHEL5.8 (Neil Horman) [713905] - [net] enic: update driver to version 2.1.1.24 (Stefan Assmann) [713536] - [edac] i7300_edac: Fix error cleanup logic (Mauro Carvalho Chehab) [712948] - [usb] input/hid: backport hidraw support (Aristeu Rozanski) [705453] - [fs] eventpoll: fix epoll_wait overly constraining wait times (Jason Baron) [705138] - [md] update superblocks properly when adding a spare (Doug Ledford) [668529] - [scsi] Fix out of spec CD-ROM problem with media change (Don Zickus) [664653] - [net] sctp: encode PROTOCOL VIOLATION error cause correctly (Thomas Graf) [636828] - [xen] vmx: Print advanced features during boot (Paolo Bonzini) [712440] [2.6.18-288.el5] - [scsi] mpt2sas: Bump version 09.100.00.00 (Tomas Henzl) [717581] - [scsi] mpt2sas: add missing mpt2sas_base_detach to scsih_remove (Tomas Henzl) [717581] - [scsi] mpt2sas: fix WarpDrive Infinite command retries on bad cmd (Tomas Henzl) [717581] - [scsi] mpt2sas: Adding support for customer specific branding (Tomas Henzl) [717581] - [scsi] mpt2sas: set DID_NO_CONNECT on remove and avoid shutdown (Tomas Henzl) [717581] - [scsi] mpt2sas: fix broadcast AEN and task management issue (Tomas Henzl) [717581] - [scsi] mpt2sas: Set max_sector count from module parameter (Tomas Henzl) [717581] - [scsi] mpt2sas: MPI next revision header update (Tomas Henzl) [717581] - [scsi] mpt2sas: Fixed Big Endian Issues on 32 bit PPC (Tomas Henzl) [717581] - [scsi] mpt2sas: do not check serial_number in the abort handler (Tomas Henzl) [717581] - [scsi] mpt2sas: remove flush_scheduled_work usages (Tomas Henzl) [717581] - [net] ipv6: Do not assign non-valid address on interface (Jiri Benc) [741511] - [fs] cifs: always do is_path_accessible check in cifs_mount (Jeff Layton) [738300] {CVE-2011-3363} - [fs] cifs: add fallback in is_path_accessible for old servers (Jeff Layton) [738300] {CVE-2011-3363} - [md] raid1: don't retry recovery when the last drive fails (Doug Ledford) [736693] - [input] evdev: disable interrupts when processing events (Don Zickus) [734900] - [char] tpm: Zero buffer after copying to userspace (Jiri Benc) [732631] {CVE-2011-1162} - [md] bitmap: fix BUG triggered due to slow devices (Doug Ledford) [725358] - [char] sysrq: Fix panic executing 'echo f > /proc/sysrq-trigger' (Larry Woodman) [718645] - [scsi] isci: fix 32-bit operation when CONFIG_HIGHMEM64G=n (David Milburn) [713904] - [scsi] isci: Remove reserved device IDS from isci_id_table (David Milburn) [718341] - [scsi] isci: fix checkpatch errors (David Milburn) [718341] - [scsi] isci: Device reset should request sas_phy_reset(phy, true) (David Milburn) [718341] - [scsi] isci: pare back error messsages (David Milburn) [718341] - [scsi] isci: cleanup silicon revision detection (David Milburn) [718341] - [scsi] isci: refactor scu_unsolicited_frame.h (David Milburn) [718341] - [scsi] isci: merge sata.[ch] into request.c (David Milburn) [718341] - [scsi] isci: kill 'get/set' macros (David Milburn) [718341] - [scsi] isci: retire scic_sds_ and scic_ prefixes (David Milburn) [718341] - [scsi] isci: unify isci_host and scic_sds_controller (David Milburn) [718341] - [scsi] isci: unify isci_remote_device and scic_sds_remote_device (David Milburn) [718341] - [scsi] isci: unify isci_port and scic_sds_port (David Milburn) [718341] - [scsi] isci: fix scic_sds_remote_device_terminate_requests (David Milburn) [718341] - [scsi] isci: unify isci_phy and scic_sds_phy (David Milburn) [718341] - [scsi] isci: unify isci_request and scic_sds_request (David Milburn) [718341] - [scsi] isci: rename / clean up scic_sds_stp_request (David Milburn) [718341] - [scsi] isci: preallocate requests (David Milburn) [718341] - [scsi] isci: combine request flags (David Milburn) [718341] - [scsi] isci: unify can_queue tracking on the tci_pool (David Milburn) [718341] - [scsi] isci: Terminate dev requests on FIS err bit rx in NCQ (David Milburn) [718341] - [scsi] isci: fix frame received locking (David Milburn) [718341] - [scsi] isci: fix buffer overflow in isci_parse_oem_parameters (David Milburn) [718341] - [scsi] isci: fix isci_task_execute_tmf completion (David Milburn) [718341] - [scsi] isci: fix support for arbitrarily large smp requests (David Milburn) [718341] - [scsi] isci: fix dma_unmap_sg usage (David Milburn) [718341] - [scsi] isci: fix smp response frame overrun (David Milburn) [718341] - [scsi] isci: kill device_sequence (David Milburn) [718341] - [scsi] isci: kill isci_remote_device_change_state() (David Milburn) [718341] - [scsi] isci: atomic device lookup and reference counting (David Milburn) [718341] - [scsi] isci: fix ssp response iu buffer size in isci_tmf (David Milburn) [718341] - [scsi] isci: cleanup request allocation (David Milburn) [718341] - [scsi] isci: cleanup/optimize queue increment macros (David Milburn) [718341] - [scsi] isci: cleanup tag macros (David Milburn) [718341] - [scsi] isci: cleanup/optimize pool implementation (David Milburn) [718341] - [scsi] isci: Disable link layer hang detection (David Milburn) [718341] - [scsi] isci: Hard reset failure link resets all phys in the port (David Milburn) [718341] - [scsi] isci: decode remote node ready and suspended states (David Milburn) [718341] - [scsi] isci: fix isci_terminate_pending() list management (David Milburn) [718341] - [scsi] isci: Handle timed-out request terminations correctly (David Milburn) [718341] - [scsi] isci: Requests that do not start must be set to complete (David Milburn) [718341] - [scsi] isci: Add decode for SMP request retry error condition (David Milburn) [718341] - [scsi] isci: filter broadcast change notifications on phy resets (David Milburn) [718341] - [scsi] isci: Move reset delay after remote node resumption (David Milburn) [718341] - [scsi] isci: remove 'min memory' infrastructure (David Milburn) [718341] - [scsi] isci: Added support for C0 to SCU Driver (David Milburn) [718341] - [scsi] isci: additional state machine cleanup (David Milburn) [718341] - [scsi] isci: state machine cleanup (David Milburn) [718341] - [scsi] isci: Removing unused variables compiler warnings (David Milburn) [718341] - [scsi] isci: removing the kmalloc in smp request construct (David Milburn) [718341] - [scsi] isci: remove isci_timer interface (David Milburn) [718341] - [scsi] isci: Remove tmf timeout_timer (David Milburn) [718341] - [scsi] isci: convert phy_startup_timer to sci_timer (David Milburn) [718341] - [scsi] isci: convert scic_timeout_timer to sci_timer (David Milburn) [718341] - [scsi] isci: convert power control timer to sci_timer (David Milburn) [718341] - [scsi] isci: convert phy sata_timeout_timer to sci_timer (David Milburn) [718341] - [scsi] isci: convert port config agent timer to sci_timer (David Milburn) [718341] - [scsi] isci: replace isci_timer list with proper embedded timers (David Milburn) [718341] - [scsi] isci: add some type safety to the state machine interface (David Milburn) [718341] - [scsi] isci: unify rnc start{io|task} handlers (David Milburn) [718341] - [scsi] isci: unify rnc destruct handlers (David Milburn) [718341] - [scsi] isci: unify rnc destruct handlers (David Milburn) [718341] - [scsi] isci: unify rnc event handlers (David Milburn) [718341] - [scsi] isci: unify port start_io and complete_io handlers (David Milburn) [718341] - [scsi] isci: unify port link_up and link_down handlers (David Milburn) [718341] - [scsi] isci: remove port frame and event handlers (David Milburn) [718341] - [scsi] isci: unify port reset, add_phy, and remove_phy handlers (David Milburn) [718341] - [scsi] isci: remove port destruct handler (David Milburn) [718341] - [scsi] isci: unify port stop handlers (David Milburn) [718341] - [scsi] isci: remove port start handler (David Milburn) [718341] - [scsi] isci: merge port ready substates into main state machine (David Milburn) [718341] - [scsi] isci: c99 port state handlers (David Milburn) [718341] - [scsi] isci: clarify phy to port lookups (David Milburn) [718341] - [scsi] isci: unify phy consume_power handlers (David Milburn) [718341] - [scsi] isci: unify phy event handlers (David Milburn) [718341] - [scsi] isci: unify phy frame handlers (David Milburn) [718341] - [scsi] isci: remove phy destruct handlers (David Milburn) [718341] - [scsi] isci: unify phy reset handlers (David Milburn) [718341] - [scsi] isci: unify phy stop handlers (David Milburn) [718341] - [scsi] isci: unify phy start handlers (David Milburn) [718341] - [scsi] isci: merge phy substates (David Milburn) [718341] - [scsi] isci: remove the completion and event state handlers (David Milburn) [718341] - [scsi] isci: remove request task context completion state handler (David Milburn) [718341] - [scsi] isci: unify request frame handlers (David Milburn) [718341] - [scsi] isci: unify request start handlers (David Milburn) [718341] - [scsi] isci: unify request abort handlers (David Milburn) [718341] - [scsi] isci: merge stp req substates into primary state machine (David Milburn) [718341] - [scsi] isci: merge smp req substates into primary state machine (David Milburn) [718341] - [scsi] isci: merge stp req substates into primary state machine (David Milburn) [718341] - [scsi] isci: uplevel port infrastructure (David Milburn) [718341] - [scsi] isci: uplevel phy infrastructure (David Milburn) [718341] - [scsi] isci: uplevel request infrastructure (David Milburn) [718341] - [scsi] isci: uplevel state machine (David Milburn) [718341] - [scsi] isci: uplevel reg hw data structs and frame handling (David Milburn) [718341] - [scsi] isci: move core/controller to host (David Milburn) [718341] - [scsi] isci: unify constants (David Milburn) [718341] - [scsi] isci: unify request data structures (David Milburn) [718341] - [scsi] isci: make command/response iu explicit req object members (David Milburn) [718341] - [scsi] isci: move task context alignment to compile time (David Milburn) [718341] - [scsi] isci: make sgl explicit/aligned request object member (David Milburn) [718341] - [scsi] isci: move stp request info to scic_sds_request (David Milburn) [718341] - [scsi] isci: unify phy data structures (David Milburn) [718341] - [scsi] isci: unify phy data structures (David Milburn) [718341] - [scsi] isci: rnc state machine table c99 conversion (David Milburn) [718341] - [scsi] isci: remove scic_sds_port_increment_request_count (David Milburn) [718341] - [scsi] isci: kill scic_controller_get_port_handle function (David Milburn) [718341] - [scsi] isci: Removing unnecessary functions in request.c (David Milburn) [718341] - [scsi] isci: unify isci_host data structures (David Milburn) [718341] - [scsi] isci: implement I_T_nexus_reset (David Milburn) [718341] - [scsi] isci: fix ata locking (David Milburn) [718341] - [scsi] isci: removing intel_*.h headers (David Milburn) [718341] - [scsi] isci: Using Linux SSP frame header (David Milburn) [718341] - [scsi] isci: Remove SCIC_SWAP_DWORD() (David Milburn) [718341] - [scsi] isci: fixup SAS iaf protocols data structure (David Milburn) [718341] - [scsi] isci: remove redundant copies of IAF (David Milburn) [718341] - [scsi] isci: Converting smp_response to Linux native smp_resp (David Milburn) [718341] - [scsi] isci: Fixup of smp request (David Milburn) [718341] - [scsi] isci: Convert of sci_ssp_response_iu to ssp_response_iu (David Milburn) [718341] - [scsi] isci: Fixup SSP command IU and task IU (David Milburn) [718341] - [scsi] isci: renaming sas_capabilities to scic_phy_cap (David Milburn) [718341] - [scsi] isci: Collapsing of phy_type data structure (David Milburn) [718341] - [scsi] isci: Convert SAS identify address frame to native format (David Milburn) [718341] - [scsi] isci: Convert ATA defines to Linux native defines (David Milburn) [718341] - [scsi] isci: Convert SATA fis data structures to Linux native (David Milburn) [718341] - [scsi] isci: remove compile-time (Kconfig) silicon configuration (David Milburn) [718341] - [scsi] isci: Removing unused define SCIC_SDS_4_ENABLED (David Milburn) [718341] - [scsi] isci: kill scic_sds_remote_device.state_handlers (David Milburn) [718341] - [scsi] isci: unify remote_device frame_handlers (David Milburn) [718341] - [scsi] isci: unify remote_device event_handlers (David Milburn) [718341] - [scsi] isci: kill remote_device resume_handler (David Milburn) [718341] - [scsi] isci: unify remote_device suspend_handlers (David Milburn) [718341] - [scsi] isci: kill remote_device complete_task_handler (David Milburn) [718341] - [scsi] isci: unify remote_device start_task_handlers (David Milburn) [718341] - [scsi] isci: kill remote_device continue_io_handler (David Milburn) [718341] - [scsi] isci: unify remote_device complete_io_handlers (David Milburn) [718341] - [scsi] isci: unify remote_device start_io_handlers (David Milburn) [718341] - [scsi] isci: unify remote_device reset_complete_handlers (David Milburn) [718341] - [scsi] isci: unify remote_device reset_handlers (David Milburn) [718341] - [scsi] isci: unify remote_device destruct_handlers (David Milburn) [718341] - [scsi] isci: kill remote_device fail_handler (David Milburn) [718341] - [scsi] isci: unify remote_device stop_handlers (David Milburn) [718341] - [scsi] isci: unify remote_device start_handlers (David Milburn) [718341] - [scsi] isci: fix remote_device start_io regressions (David Milburn) [718341] - [scsi] isci: kill scic_remote_device_get_connection_rate (David Milburn) [718341] - [scsi] isci: merge remote_device substates into one state machine (David Milburn) [718341] - [scsi] isci: Removed sci_object.h from project (David Milburn) [718341] - [scsi] isci: Removed sci_base_object from scic_sds_request (David Milburn) [718341] - [scsi] isci: no sci_base_object in scic_sds_remote_node_context (David Milburn) [718341] - [scsi] isci: Removed sci_base_object from scic_sds_remote_device (David Milburn) [718341] - [scsi] isci: Removed sci_base_object from scic_sds_port (David Milburn) [718341] - [scsi] isci: Removed sci_base_object from scic_sds_phy (David Milburn) [718341] - [scsi] isci: Removed sci_base_object from scic_sds_controller (David Milburn) [718341] - [scsi] isci: Removed struct sci_base_object from state machine (David Milburn) [718341] - [scsi] isci: Implement SCU AFE recipe 10. (David Milburn) [718341] - [scsi] isci: Remove excessive log noise with expander hot-unplug (David Milburn) [718341] - [scsi] isci: removing non-working ATAPI code (David Milburn) [718341] - [scsi] isci: remove scic_sds_remote_device_get_port_index (David Milburn) [718341] - [scsi] isci: remove sci_sas_address in scic_sds_remote_device (David Milburn) [718341] - [scsi] isci: kill smp_discover_response (David Milburn) [718341] - [scsi] isci: kill smp_discover_response_protocols (David Milburn) [718341] - [scsi] isci: cleanup remote device construction and comments (David Milburn) [718341] - [scsi] isci: move remote_device handling out of the core (David Milburn) [718341] - [scsi] isci: unify remote_device data structures (David Milburn) [718341] - [scsi] isci: remove rnc->device back pointer (David Milburn) [718341] - [scsi] isci: make remote_node_context member of remote_device (David Milburn) [718341] - [scsi] isci: rely on irq core for intx muxing, silence screamer (David Milburn) [718341] - [scsi] isci: give this_* and the_* vars more meaningful names (David Milburn) [718341] - [scsi] isci: audit usage of BUG_ON macro in isci driver (David Milburn) [718341] - [scsi] isci: sparse warnings cleanup (David Milburn) [718341] - [scsi] isci: replace sci_sas_link_rate with sas_linkrate (David Milburn) [718341] - [scsi] isci: remove base_phy abstraction (David Milburn) [718341] - [scsi] isci: remove base_port abstraction (David Milburn) [718341] - [scsi] isci: remove base_remote_device abstraction (David Milburn) [718341] - [scsi] isci: remove scic_controller state handlers (David Milburn) [718341] - [scsi] isci: simplify dma coherent allocation (David Milburn) [718341] - [scsi] isci: simplify request state handlers (David Milburn) [718341] - [scsi] isci: kill dead data structurs in scic_io_request.h (David Milburn) [718341] - [scsi] isci: remove base_request abstraction (David Milburn) [718341] - [scsi] isci: remove base_controller abstraction (David Milburn) [718341] - [misc] kernel: add BUILD_BUG_ON_NOT_POWER_OF_2 (David Milburn) [718341] - [misc] jiffies: add time_is_after_jiffies (David Milburn) [718341] - [net] igbvf: driver update for RHEL5.8 (Stefan Assmann) [714316] - [net] igb: driver update for RHEL5.8 (Stefan Assmann) [714313] - [net] qlge: Version change to v1.00.00.29 (Chad Dupuis) [714242] - [net] qlge: Adding LICENSE file for qlge (Chad Dupuis) [714242] - [net] qlge: Fix printk prio so fatal errors always reported (Chad Dupuis) [714242] - [net] qlge: Fix crash caused by mailbox execution on wedged chip (Chad Dupuis) [714242] - [net] qlge: make nic_operations struct const (Chad Dupuis) [714242] - [net] qlge: Fix incorrect use of modparams and netdev msg level (Chad Dupuis) [714242] - [net] qlge: Remove unnecessary casts of netdev_priv (Chad Dupuis) [714242] - [net] qlge: Generate the coredump to ethtool user buffer (Chad Dupuis) [714242] - [net] qlcnic: Change CDRP function (Chad Dupuis) [714232] - [net] qlcnic: Added error logging for firmware abort (Chad Dupuis) [714232] - [net] qlcnic: add beacon test support (Chad Dupuis) [714232] - [net] qlcnic: fix cdrp race condition (Chad Dupuis) [714232] - [net] qlcnic: Change debug messages in loopback path (Chad Dupuis) [714232] - [net] qlcnic: Add FLT entry for CO cards FW image region (Chad Dupuis) [714232] - [net] qlcnic: detect fan failure (Chad Dupuis) [714232] - [net] qlcnic: Add NETIF_F_VLAN_SG flag (Chad Dupuis) [714232] - [net] qlcnic: fix ethtool link status (Chad Dupuis) [714232] - [net] qlcnic: Added debug info (Chad Dupuis) [714232] - [net] qlcnic: Move get template from probe to start fw (Chad Dupuis) [714232] - [net] qlcnic: Fix delay in reset path (Chad Dupuis) [714232] - [net] qlcnic: FW dump related changes (Chad Dupuis) [714232] - [net] qlcnic: Fix env var for udev event during FW dump (Chad Dupuis) [714232] - [net] qlcnic: change capture mask for FW dump (Chad Dupuis) [714232] - [net] qlcnic: define error code for loopback test (Chad Dupuis) [714232] - [net] qlcnic: fix race in skb->len access (Chad Dupuis) [714232] - [net] qlcnic: enable mac-learning in promiscous mode (Chad Dupuis) [714232] - [net] qlcnic: updated supported cards information (Chad Dupuis) [714232] - [net] qlcnic: fix chip reset logic (Chad Dupuis) [714232] - [net] qlcnic: add external loopback support through sysfs (Chad Dupuis) [714232] - [net] qlcnic: multi protocol internal loopback support added (Chad Dupuis) [714232] - [net] qlcnic: Add support to enable/disable FW dump capability (Chad Dupuis) [714232] - [net] qlcnic: fix default operating state of interface (Chad Dupuis) [714232] - [net] qlcnic: fix initial number of msix entries in adapter (Chad Dupuis) [714232] - [net] qlcnic: Add code to tune FW dump (Chad Dupuis) [714232] - [net] qlcnic: Remove holding api lock while taking the dump (Chad Dupuis) [714232] - [net] qlcnic: Add capability to take FW dump deterministically (Chad Dupuis) [714232] - [net] qlcnic: Added sysfs node support (Chad Dupuis) [714232] - [net] qlcnic: Remove casts of void * (Chad Dupuis) [714232] - [net] qlcnic: Avoid double free of skb in tx path (Chad Dupuis) [714232] - [net] qlcnic: Fix bug in FW queue dump (Chad Dupuis) [714232] - [net] qlcnic: Bumped up version number to 5.0.18 (Chad Dupuis) [714232] - [net] qlcnic: FW dump support (Chad Dupuis) [714232] - [net] qlcnic: Support for GBE port settings (Chad Dupuis) [714232] - [net] qlcnic: configure number of RSS rings using sysfs (Chad Dupuis) [714232] - [net] qlcnic: Update version number to 5.0.16 (Chad Dupuis) [714232] - [net] qlcnic: Fix LRO disable (Chad Dupuis) [714232] - [net] qlcnic: Use flt method to determine flash fw region (Chad Dupuis) [714232] - [net] qlcnic: Remove unused code (Chad Dupuis) [714232] - [net] qlcnic: Code optimization patch (Chad Dupuis) [714232] - [net] qlcnic: Cleanup patch (Chad Dupuis) [714232] - [net] qlcnic: Memory leak fix (Chad Dupuis) [714232] - [net] qlcnic: Make PCI info available in all modes (Chad Dupuis) [714232] - [misc] Add rounddown_pow_of_two routine to log2.h (Chad Dupuis) [714232] - [pci] add latency tolerance reporting enable/disable support (Myron Stowe) [714171] - [pci] Assign values to pci_obff_signal_type enumeration (Myron Stowe) [714171] - [pci] add OBFF enable/disable support (Myron Stowe) [714171] - [pci] add ID-based ordering enable/disable support (Myron Stowe) [714171] - [pci] introduce pci_is_pcie (Myron Stowe) [714171] - [pci] introduce pci_pcie_cap (Myron Stowe) [714171] - [sound] hda: ALSA Panther Point Audio Support (Jaroslav Kysela) [713663] - [sound] hda: Enable snoop bit for AMD controllers (Jaroslav Kysela) [713366] - [fs] hfs: fix hfs_find_init() sb->ext_tree NULL ptr oops (Phillip Lougher) [712776] - [fs] nfs: return error in callback if encode/decode fails (Dave Wysochanski) [709515] - [net] tcp: Shrink syncookie_secret by 8 bytes (Thomas Graf) [705484] - [scsi] device_handler: Attach to UNAVAILABLE/OFFLINE AAS devices (Mike Christie) [700082] - [net] cxgb3: Apply interrupt coalescing settings to all queues (Neil Horman) [694583] - [mm] page-writeback: fix calculation of oldest_jif in wb_kupdate (Jarod Wilson) [691087] - [block] nbd: add a user-settable timeout for I/O (Jeff Moyer) [676491] - [net] ipv6: ignore looped-back NA while dad is running (Thomas Graf) [668027] - [net] sctp: Set correct error cause value for missing parameters (Thomas Graf) [629938] - [net] Prevent pktgen from sending shared skbs (Neil Horman) [575938] - [md] raid10: fix far resync data corruptor (Doug Ledford) [468379] - [xen] x86: Clear IRQ_GUEST when setting action to NULL (Igor Mammedov) [713221] - [xen] x86: check for NULL desc->action when unbinding guest pirq (Igor Mammedov) [713221] - [xen] x86: fix msi_free_irq (Igor Mammedov) [713221] - [xen] x86: teardown_msi_irq is not needed (Igor Mammedov) [713221] - [xen] x86: irq removal rewrite (Igor Mammedov) [713221] - [xen] x86: Move interrupt vector management to irq.c (Igor Mammedov) [713221] [2.6.18-287.el5] - [parport] Enable StarTech PEX1P Parallel Port (Prarit Bhargava) [739758] - [crypto] padlock: Fix spurious ECB page fault (Milan Broz) [739468] - [fs] gfs2: speed up large file delete/unlink (Robert S Peterson) [738440] - [virt] xen: don't hardcode is_running_on_xen for PV-on-HVM (Laszlo Ersek) [734708] - [s390] kernel: remove code to handle topology interrupts (Hendrik Brueckner) [732736] - [net] cxgb3: Fix NULL pointer dereference in t3_l2t_get (Neil Horman) [721173] - [misc] kernel: plug taskstats io infoleak (Jerome Marchand) [716846] {CVE-2011-2494} - [x86_64] io_apic: only scan the root bus in early PCI quirks (Dave Maley) [716552] - [net] bnx2: Update to latest upstream version 2.1.11 (Neil Horman) [715392] - [usb] Make device reset stop retrying after disconnect (Don Zickus) [709699] - [acpi] Call _PDC before retrieving CPU information (Matthew Garrett) [707642] - [net] tg3: Fix io failures after chip reset (John Feeney) [702346 731098] - [net] ipv6: properly use ICMP6MSGOUT_INC_STATS in ndisc_send_skb (Jiri Pirko) [698728] - [net] sctp: Mark tsn as received after all allocations finish (Max Matveev) [696430] - [scsi] Reduce error recovery time by reducing use of TURs (Mike Christie) [694625] - [scsi] don't fail scans when host is in recovery (Rob Evers) [657345] - [video] radeonfb: block use of low refresh 800x600-43 on pseries (Dave Airlie) [638576] [2.6.18-286.el5] - [net] benet: Add missing comma between constant string array (Ivan Vecera) [714291] - [net] be2net: create/destroy rx-queues on interface open/close (Ivan Vecera) [714291] - [net] be2net: fix initialization of vlan_prio_bmap (Ivan Vecera) [714291] - [net] be2net: Remove casts of void pointers (Ivan Vecera) [714291] - [net] be2net: Fix Rx pause counter for lancer (Ivan Vecera) [714291] - [net] be2net: use older opcode if MCC_CREATE_EXT not supported (Ivan Vecera) [714291] - [net] be2net: fix set but unused var in lancer_fw_download (Ivan Vecera) [714291] - [net] be2net: Enable SR-IOV for Lancer hardware (Ivan Vecera) [714291] - [net] be2net: FW download for Lancer hardware (Ivan Vecera) [714291] - [net] be2net: implement stats for Lancer hardware (Ivan Vecera) [714291] - [net] be2net: Support for version 1 of stats for BE3 (Ivan Vecera) [714291] - [net] be2net: fix mbox polling for signal reception (Ivan Vecera) [714291] - [net] be2net: handle signal reception while waiting for POST (Ivan Vecera) [714291] - [net] be2net: Fix to prevent flooding of TX queue (Ivan Vecera) [714291] - [net] be2net: In case of UE, do not dump registers for Lancer (Ivan Vecera) [714291] - [net] be2net: Disable coalesce water mark mode of CQ for Lancer (Ivan Vecera) [714291] - [net] be2net: Handle error completion in Lancer (Ivan Vecera) [714291] - [net] be2net: fix bugs related to PVID (Ivan Vecera) [714291] - [net] be2net: fix wrb reuse and misc bugs in be_cmd_get_regs (Ivan Vecera) [714291] - [net] be2net: pass domain id to be_cmd_link_status_query (Ivan Vecera) [714291] - [net] be2net: fix be_mcc_compl_process to id eth_get_stat command (Ivan Vecera) [714291] - [net] be2net: display nic speeds other than 1Gbps/10Gbps (Ivan Vecera) [714291] - [net] be2net: allow register dump only for PFs (Ivan Vecera) [714291] - [net] be2net: Fix unused-but-set variables (Ivan Vecera) [714291] - [net] be2net: Use netdev_alloc_skb_ip_align (Ivan Vecera) [714291] - [net] be2net: call FLR after setup wol in be_shutdown (Ivan Vecera) [714291] - [net] be2net: dynamically allocate adapter->vf_cfg (Ivan Vecera) [714291] - [net] be2net: fix to get max VFs supported from adapter (Ivan Vecera) [714291] - [net] be2net: use common method to check for sriov function type (Ivan Vecera) [714291] - [net] be2net: Fix a potential crash during shutdown (Ivan Vecera) [714291] - [net] be2net: remove one useless line (Ivan Vecera) [714291] - [net] be2net: cancel be_worker on shutdown even when i/f is down (Ivan Vecera) [714291] - [net] be2net: remove redundant code in be_worker (Ivan Vecera) [714291] - [net] be2net: parse vid/vtm rx-compl fields only if vlanf bit set (Ivan Vecera) [714291] - [net] be2net: refactor code that decides adapter->num_rx_queues (Ivan Vecera) [714291] - [net] be2net: add ethtool FAT dump retrieval support (Ivan Vecera) [714291] - [mm] s390: fix first time swap use results in heavy swapping (Hendrik Brueckner) [722482] - [mm] fix rotate_reclaimable_page deadlock and clean up (Jerome Marchand) [699549] [2.6.18-285.el5] - [ata] ahci: Add missing Panther Point SATA RAID DeviceID (Prarit Bhargava) [735369] - [scsi] megaraid: remove obsolete megaraid_sas.c (Tomas Henzl) [735120] - [net] Compute protocol seq numbers and fragment IDs using MD5 (Jiri Pirko) [732663] - [crypto] Move md5_transform to lib/md5.c (Jiri Pirko) [732663] - [s390] kernel: fix NSS creation with initrd (Hendrik Brueckner) [730779] - [virt] xen: fix GFP mask handling in dma_alloc_coherent (Laszlo Ersek) [730247] - [fs] nfs: Fix client not honoring nosharecache mount option (David Jeffery) [730097] - [pci] check pm support before looking at individual power states (Stefan Assmann) [716834] - [mm] avoid wrapping vm_pgoff in mremap and stack expansion (Jerome Marchand) [716544] {CVE-2011-2496} - [md] bitmap: protect against bitmap removal while being updated (Stanislaw Gruszka) [711536] - [scsi] scsi_dh_rdac: link HBA and storage to support partitions (Mike Snitzer) [710014] - [scsi] scsi_dh_rdac: use WWID from C8 page to identify storage (Mike Snitzer) [710014] - [x86] nmi: make NMI_NONE default watchdog in x86_64 hvm guests (Laszlo Ersek) [707966] - [mm] Fix incorrect off-by-one centisec dirty values (Larry Woodman) [691087] - [net] bnx2x: fix bringup of BCM57710 (Michal Schmidt) [680411] - [fs] ext{2,3}: fix file date underflow on fs on 64 bit systems (Eric Sandeen) [655174] - [xen] fix nodes' memory parsing with future-hotplug memory range (Laszlo Ersek) [543064] [2.6.18-284.el5] - [net] be2net: request native mode each time the card is reset (Ivan Vecera) [720501] - [net] be2net: fix the ethtool op to set Tx CSUM (Ivan Vecera) [718187] - [net] be2net: remove bogus unlikely on vlan check (Ivan Vecera) [730239] - [net] be2net: non-member vlan pkts not received in promisc mode (Ivan Vecera) [730239] - [net] be2net: Use NTWK_RX_FILTER command for promiscous mode (Ivan Vecera) [730239] - [net] be2net: fix crash receiving non-member VLAN packets (Ivan Vecera) [730239] - [virt] xen/netfront: no disable s/g when renegotiating features (Paolo Bonzini) [733416] - [fs] ecryptfs: Add mount option to check uid of mounting device (Eric Sandeen) [731174] {CVE-2011-1833} - [s390] kernel: fix system hang if hangcheck timer expires (Hendrik Brueckner) [730313] - [s390] qeth: fix wrong number of output queues for HiperSockets (Hendrik Brueckner) [730319] - [scsi] qla2xxx: Re-add checks for null fcport references (Chad Dupuis) [728219] - [fs] aio: fix aio+dio completion path regression w/3rd-party bits (Jeff Moyer) [727504] - [net] ipv6: make fragment identifications less predictable (Jiri Pirko) [723431] - [net] ipv6: Remove unused skb argument of ipv6_select_ident (Jiri Pirko) [723431] - [s390] dasd: fix bug in dasd initialization cleanup (Hendrik Brueckner) [723491] - [virt] xen: attach host CD-ROM to PV guest as vbd (Laszlo Ersek) [717434] - [misc] taskstats: don't allow duplicate entries in listener mode (Jerome Marchand) [715450] {CVE-2011-2484} - [scsi] ipr: bump the version number (Steve Best) [714258] - [scsi] ipr: remove unneeded volatile declarations (Steve Best) [714258] - [scsi] ipr: fix synchronous request flags for better performance (Steve Best) [714258] - [scsi] ipr: fix buffer overflow (Steve Best) [714258] - [s390] qdio: reset error states immediately (Hendrik Brueckner) [709712] - [usb] fix interface sysfs file-creation bug (Don Zickus) [637930] - [usb] don't touch sysfs stuff when altsetting is unchanged (Don Zickus) [637930] - [base] Fix potential deadlock in driver core (Don Zickus) [637930] - [virt] xen: more informative messages after resize (Laszlo Ersek) [618317] - [virt] xen: support online dynamic resize of guest virtual disks (Laszlo Ersek) [618317] - [virt] xen: Move definition of struct backend_info to common spot (Laszlo Ersek) [618317] - [net] bonding: fix panic if initialization fails (Andy Gospodarek) [608156] - [net] gro: Only reset frag0 when skb can be pulled (Herbert Xu) [679682] {CVE-2011-2723} - [net] sctp: fix memory reclaim and panic in sctp_sock_rfree (Thomas Graf) [714870] {CVE-2011-2482} - [xen] lower BOOT_TRAMPOLINE, sync early stack & trampoline_gdt (Laszlo Ersek) [716788] - [xen] x86_64: bump default NR_CPUS to 256 and trim debug log spam (Laszlo Ersek) [714053] - [xen] passthrough: block VT-d MSI trap injection (Paolo Bonzini) [716302] - [xen] hvm/svm: fix task switch (Paolo Bonzini) [720936] - [xen] hvm: exclude VMX_PROCBASED_CTL2 from MSRs guest can access (Paolo Bonzini) [732752] - [xen] iommu: disable bus-mastering on hw that causes IOMMU fault (Laszlo Ersek) [730343] {CVE-2011-3131} - [xen] x86_emulate: Fix SAHF emulation (Igor Mammedov) [718884] {CVE-2011-2519} - [xen] fix off-by-one shift in x86_64 __addr_ok (Laszlo Ersek) [719850] {CVE-2011-2901} [2.6.18-283.el5] - [fs] nfsd: don't allow fl_break callback to sleep (Jeff Layton) [721200] - [fs] locks: move lease lock alloc earlier in generic_setlease (Jeff Layton) [721200] - [fs] locks: when unlocking lease, skip locking-related steps (Jeff Layton) [721200] - [fs] locks: fix a lease return-value mixup (Jeff Layton) [721200] - [fs] locks: Fix potential OOPS in generic_setlease (Jeff Layton) [721200] - [usb] auerswald: fix buffer overflow (Don Zickus) [722396] {CVE-2009-4067} - [fs] cifs: fix possible memory corruption in CIFSFindNext (Jeff Layton) [732471] - [fs] cifs: revert special handling for matching krb5 sessions (Jeff Layton) [697396] - [fs] cifs: check for NULL session password (Jeff Layton) [697396] - [fs] cifs: fix NULL pointer dereference in cifs_find_smb_ses (Jeff Layton) [697396] - [fs] cifs: clean up cifs_find_smb_ses (Jeff Layton) [697396] - [net] be2net: account for skb allocation failures (Ivan Vecera) [730108] - [fs] mbcache: Limit the maximum number of cache entries (Eric Sandeen) [729261] - [net] bnx2x: downgrade Max BW error message to debug (Michal Schmidt) [727614] - [net] sock: do not change prot->obj_size (Jiri Pirko) [725713] - [net] be2net: Fix Tx stall issue (Ivan Vecera) [722549] - [net] be2net: rx-dropped wraparound fix (Ivan Vecera) [722302] - [net] be2net: fix netdev_stats_update (Ivan Vecera) [722302] - [net] bonding: make 802.3ad use latest lacp_rate (Jiri Pirko) [718641] - [net] bonding: Rename rx_machine_lock to state_machine_lock (Jiri Pirko) [718641] - [net] bonding: Fix 802.3ad state machine locking (Jiri Pirko) [718641] - [net] bonding: add missing xmit_hash_policy=layer2+3 info (Weiping Pan) [717850] - [powerpc] eeh: Display eeh error location for bus and device (Steve Best) [712418] - [powerpc] eeh: Handle functional reset on non-PCIe device (Steve Best) [712418] - [powerpc] eeh: Propagate needs_freset flag to device at PE (Steve Best) [712418] - [powerpc] eeh: Add support for ibm, configure-pe RTAS call (Steve Best) [712418] - [fs] cifs: don't allow cifs_reconnect exit w/NULL socket pointer (Jeff Layton) [704921] - [fs] cifs: clarify the meaning of tcpStatus == CifsGood (Jeff Layton) [704921] - [fs] cifs: split posix open/mkdir from legacy mkdir in stats (Jeff Layton) [706339] - [virt] xen: plug leaks in netfront::setup_device (Laszlo Ersek) [703150] - [virt] xen: ensure dynamic IRQ allocation success (Laszlo Ersek) [703150] - [net] vlan: correct pkt_type if it matches changed mac (Weiping Pan) [698928] - [virt] xen: Allow arbitrary mtu size until frontend connected (Paolo Bonzini) [697021] - [fs] proc: Fix procfs race vs rmmod or hot-remove (David Howells) [675781] - [virt] xen: empty stale MSI-X vector set when resetting device (Laszlo Ersek) [688673] - [virt] xen: msi cleanup after destroyed domain (Laszlo Ersek) [688673] - [xen] unsigned int corrections (Laszlo Ersek) [648596] [2.6.18-282.el5] - Fix infrastructure error that led to recent xen patches not applying [2.6.18-281.el5] - Bump NVR due to buildsystem problems during prior build [2.6.18-280.el5] - Revert: [virt] xen/netback: Remove auto/premature netif queue (Jarod Wilson) [714283] [2.6.18-279.el5] - [char] tpm: Fix uninitialized usage of data buffer (Stanislaw Gruszka) [684673] {CVE-2011-1160} - [serial] 8250: Fix capabilities when changing the port type (Steve Best) [707051] - [serial] 8250_pci: EEH support for IBM/Digi PCIe 2-port Adapter (Steve Best) [707051] - [serial] 8250_pci: add support for Digi/IBM PCIe 2-port Adapter (Steve Best) [707051] - [misc] hypervisor: fix race in interrupt hook code (Prarit Bhargava) [692966] - [sound] alsa: enable snoop for Intel Cougar Point in hda_intel (Prarit Bhargava) [699451] - [char] watchdog: TCO Watchdog support for Intel Panther Point PCH (Prarit Bhargava) [699451] - [i2c] i2c-i801: SMBus support for Intel Panther Point DeviceIDs (Prarit Bhargava) [699451] - [ata] ahci: AHCI mode for Intel Panther Point Device IDs (Prarit Bhargava) [699451] - [ata] ata_piix: IDE mode for Intel Panther Point Device IDs (Prarit Bhargava) [699451] - [misc] irq and pci_ids for Intel DH89xxCC DeviceIDs (Prarit Bhargava) [699451] - [misc] Identify IBM x3850 as multi-chassis (Prarit Bhargava) [700886] - [net] cnic, bnx2: Check iSCSI support early in bnx2_init_one (Neil Horman) [710272] - [virt] xen/netback: Remove auto/premature netif queue restart (Laszlo Ersek) [714283] - [fs] ext4: Fix max size and logical block counting of extent file (Lukas Czerner) [722563] {CVE-2011-2695} - [fs] nfs: don't use d_move in nfs_async_rename_done (Jeff Layton) [729446] - [fs] nfs: have nfs_flush_list issue FLUSH_SYNC writes in parallel (Jeff Layton) [728508] - [s390] crypto: fix prng error in initial seed calculation (Hendrik Brueckner) [709711] - [fs] nfsd: fix auto-sizing of nfsd request/reply buffers (J. Bruce Fields) [691927] - [fs] nfsd: Allow max size of NFSd payload to be configured (J. Bruce Fields) [691927] - [fs] nfsd: Prep knfsd to support rsize/wsize of 1MB, over TCP (J. Bruce Fields) [691927] - [misc] svcrpc: prepare svc_rqst for kabi-safe modification (J. Bruce Fields) [691927] - [xen] amd-iommu: Fix an interrupt remapping issue (Frank Arnold) [717976] - [xen] hvm: Fix possible guest tick losing after save/restore (Paolo Bonzini) [674663] - [xen] mm: fix race with ept_entry management (Andrew Jones) [729529] [2.6.18-278.el5] - [scsi] ipr: increase the dump size for 64 bit adapters (Steve Best) [710324] - [scsi] ipr: fix possible false positive detected stuck interrupt (Steve Best) [710324] - [scsi] ipr: improve interrupt service routine performance (Steve Best) [710324] - [scsi] ipr: add definitions for a new adapter (Steve Best) [710324] - [scsi] ipr: fix array error logging (Steve Best) [710324] - [net] igb: fix WOL on 2nd port on i350 (Stefan Assmann) [718988] - [misc] irq: fix interrupt handling for kdump under high load (Stefan Assmann) [720212] - [fs] xfs: fix overflow in xfs_growfs_data_private (Eric Sandeen) [652494] - [fs] ext4: Don't error out fs if user tries to make file too big (Eric Sandeen) [715501] - [x86_64] vdso: Fix possible sign extension/overflow (Prarit Bhargava) [703505] - [x86_64] Revert ACPI APIC mode test (Prarit Bhargava) [721361] - [net] ipv6: configure bond slaves to allow NA frames on failover (Neil Horman) [694435] - [virt] xen: plug evtchn leak in PV-on-HVM device detach (Laszlo Ersek) [697927] - [virt] xen/netback: wait for hotplug complete before Connected (Laszlo Ersek) [720347] - [virt] xen: Partially revert the netback side of 14bee682 (Laszlo Ersek) [720347] - [fs] ext4: Allow indirect-block file to grow to max file size (Lukas Czerner) [715493] - [fs] nfs: Fix nfs_compat_user_ino64 with high bits set in fileid (Jeff Layton) [664829] - [fs] nfs: Open O_CREAT fails existing files on non writable dirs (J. Bruce Fields) [683372] - [xen] vmx: Accelerate VLAPIC EOI writes (Paolo Bonzini) [720986] - [xen] x86/hvm: fix off-by-one errors in vcpuid range checks (Paolo Bonzini) [712441] - [xen] x86: extend debug key t to collect useful clock skew info (Paolo Bonzini) [712439] - [xen] svm: Reported SS.DPL must equal CPL, as assumed by HVM (Paolo Bonzini) [605617] - [xen] hvm: support more opcodes for MMIO (Paolo Bonzini) [723755] - [xen] x86: Disable writeback if BSF/BSR are passed zero input (Igor Mammedov) [713702] - [xen] x86: BT instruction does not write to its dest operand (Igor Mammedov) [713702] - [xen] x86: INS/OUTS need Mov attribute to force writeback (Igor Mammedov) [713702] - [xen] x86: Fix IMUL r/m8 emulation (Igor Mammedov) [713702] - [xen] x86: Fix MUL emulation (Igor Mammedov) [713702] - [xen] x86: fix side-effect macro call (Igor Mammedov) [713702] - [xen] x86: Fix CLTS emulation (Igor Mammedov) [713702] - [xen] x86: Near JMP (Grp5 /3) shouldn't write back to its operand (Igor Mammedov) [713702] - [xen] x86: Certain opcodes are only valid with a memory operand (Igor Mammedov) [713702] - [xen] x86: Correct RIP-relative addr offset w/immediate byte op (Igor Mammedov) [713702] [2.6.18-277.el5] - [net] sctp: reset packet information after packet transmit (Thomas Graf) [725573] - [fs] block: initialise bd_super in bdget (Lachlan McIlroy) [707425] - [fs] nfs: Remove bogus call to nfs4_drop_state_owner (Jeff Layton) [724923] - [net] be2net: hash key for rss-config cmd not set (Ivan Vecera) [714244] - [net] be2net: enable SG, CSO and TSO with VLAN offloading (Ivan Vecera) [714272] - [net] be2net: clear interrupt bit in be_probe (Ivan Vecera) [713703] - [net] be2net: remove certain cmd failure logging (Ivan Vecera) [716821] [2.6.18-276.el5] - [wireless] nl80211: check for valid SSID size in scan operation (Stanislaw Gruszka) [718155] {CVE-2011-2517} - [fs] xfs: handle NULL mount struct in error reports (Eric Sandeen) [720551] - [fs] proc: restrict access to /proc/PID/io (Oleg Nesterov) [716828] {CVE-2011-2495} - [fs] lockd: don't use file's credentials on RPCSEC_GSS mounts (Max Matveev) [701574] - [fs] xfs: add a missing mutex_unlock to a dio error path (Jeff Moyer) [718232] - [net] sunrpc: Don't hang forever on NLM unlock requests (Jeff Layton) [709547] {CVE-2011-2491} - [fs] gfs2: force a log flush when invalidating the rindex glock (Benjamin Marzinski) [713229] - [x86] io_apic: Convert tick to interrupt when checking timer irq (Amos Kong) [698842] - [x86] io_apic: Make kernel option 'no_timer_check' always work (Amos Kong) [698842] - [x86] io_apic: Compare jiffies with other values by time_after (Amos Kong) [698842] - [xen] Fix x86_emulate handling of imul with immediate operands (Igor Mammedov) [700565] [2.6.18-275.el5] - [fs] Fix wrongly vfree'ing a kmalloc'ed area (Larry Woodman) [719495] - [fs] dlm: bump default hash table and maximum allocatable sizes (Bryn M. Reeves) [715603] - [net] tipc: Overhaul of socket locking logic (Max Matveev) [704192] MODERATE Copyright 2012 Oracle, Inc. CVE-2011-1083 Oracle Linux 5 [0.12.2-51.0.1.el5] - Added conga-enterprise.patch - Added conga-enterprise-Carthage.patch to support OEL5 - Replaced redhat logo image in conga-0.12.2.tar.gz [0.12.2-51] - Fix bz711494 (CVE-2011-1948 plone: reflected XSS vulnerability) - Fix bz771920 (CVE-2011-4924 Zope: Incomplete upstream patch for CVE-2010-1104/bz577019) [0.12.2-45] - Fix bz751359 (Add luci support for fence_ipmilan's -L option) [0.12.2-44] - Fix bz577019 (CVE-2010-1104 zope: XSS on error page) [0.12.2-42] - Fix bz755935 (luci_admin man page is misleading) - Fix bz755941 (luci_admin restore is not consistent) [0.12.2-40] - Fix excluding busy nodes not working properly in luci internals. [0.12.2-38] - Additional fix for bz734562 (Improve Luci's resource name validation) [0.12.2-37] - Additional fix for bz734562 (Improve Luci's resource name validation) [0.12.2-36] - Bump version of the luci database. [0.12.2-35] - Fix bz739600 (conga allows erroneous characters in resource) - Fix bz734562 (Improve Luci's resource name validation) [0.12.2-34] - Fix bz709478 (Ricci fails to detect if host if virtual machine capable) - Fix bz723000 (Modifying an existing shared resource will not update the reference in the cluster.conf) - Fix bz723188 (Luci does not allow to modify __max_restarts and __restart_expire_time for independent subtrees, only for non-critical resources) [0.12.2-33] - Fix bz732483 (Create new cluster fails with luci when installing packages.) MODERATE Copyright 2012 Oracle, Inc. CVE-2010-1104 CVE-2011-1948 Oracle Linux 5 [1.102pre-154.0.3] - mkdumprd.orig get packed, remove it. [1.102pre-154.0.2] - fix mounting root fs on labeled disk (Maxim Uvarov) [orabug: 13709374] [1.102pre-154.0.1] Merge following patches from mkinitrd: - mkinitrd-fix-san-boot.patch - mkinitrd-fix-shared-lib-library-path.patch - mkinitrd-5.1.19.6-libfirmware-subdir-include.patch - mkinitrd-fix-setquiet-for-non-verbose.patch - add-option-to-forceload-multipath.patch - Update kexec-kdump-howto.txt with Oracle references - Add mkdumprd load firmware support [orabug 10432768] - Updated makedumpfile to el6 version (Herbert van den Bergh) [orabug 10088607] - Merged UEK modification,Updated Source1 kdump.init Added --allow-missing for rebuilding kdump_initrd - Updated kexec-kdump-howto.txt with Oracle references [1.102pre-154] - Add xfs support, resolve bug 668706. [1.102pre-153] - Avoid recursive directory deletion when unmount failed, from Cai Qian. Resolve bug 781907. [1.102pre-152] - Replace sed with awk in interface-mapping code, resolve bug 765702. [1.102pre-151] - Set pipefail to catch errors in a pipe, resolve bug 761336. [1.102pre-150] - Remove the restriction for Xen HVM guests, resolve bug 743217. [1.102pre-149] - Honor the resettable flag, resolve bug 761048. [1.102pre-148] - Revert the patch in -144, resolve bug 755781. From Cai Qian. [1.102pre-147] - Poll every ifcfg file to get bridge members, resolve bug 760844. [1.102pre-146] - Don't add default gateway when there is none. Resolve bug 759006. [1.102pre-145] - Bypass blacklist option for target checking. Resolve bug 690678. [1.102pre-144] - Change the default core_collector for raw dump to makedumpfile. Resolve bug 755781. [1.102pre-143] - Support static route. Resolve bug 715531. [1.102pre-142] - Fix some security flaws. Resolve bug 743163. [1.102pre-141] - Remove two unused patches. [1.102pre-140] - Fix link_delay regression since -135, resolve bug 753684. [1.102pre-139] - Improve debugfs mounting code, from Dave Young. Resolve bug 748749. [1.102pre-138] - Backport blacklist option. Resolve bug 690678. [1.102pre-137] - Fix link_delay handling code. Resolve bug 682359. [1.102pre-136] - Add /etc/fstab into initrd, resolve Bug 748319. [1.102pre-135] - Support dump over vlan tagged bond. Resolve bug 682359. [1.102pre-134] - Fix two trivial bugs, Bug 709622 and Bug 662530. [1.102pre-133] - Support software iscsi as dump target, from Vivek Goyal. Resolve bug 719384. [1.102pre-132] - Add the missing part of the previous patch. Resolve bug 696547. [1.102pre-131] - Get the backup memory region dynamically. Resolve bug 678308. [1.102pre-130] - Add ext4 module. Resolve bug 667791. [1.102pre-129] - Updating release to force brew rebuild [1.102pre-128] - Check fsck.ext4 binary before include it. Resolve bug 667791. [1.102pre-127] - Add ext4 support, from Dave Maley. Resolve bug 667791. MODERATE Copyright 2012 Oracle, Inc. CVE-2011-3588 CVE-2011-3589 CVE-2011-3590 Oracle Linux 5 [1.7-9.62.0.1.el5] - add patch to remove all sysrq echo commands from sysreport.legacy (John Sobecki) [orabug 11061754] - comment out rh-upload-core and README.rh-upload-core in specfile [1.7-9.62] - Always log plugin exceptions that are not raised to the interpreter Resolves: bz717480 - Ensure relative symlink targets are correctly handled when copying Resolves: bz717962 - Correctly handle libxml2 parser exceptions when reading cluster.conf Resolves: bz750573 - Update Red Hat Certificate System plugin for current versions Resolves: bz627416 [1.7-9.61] - Make single threaded operation default and add --multithread to override Resolves: bz708346 - Support multiple possible locations of VRTSexplorer script Resolves: bz565996 - Collect wallaby dump and inventory information in mrggrid plugin Resolves: bz641020 [1.7-9.60] - Add ethtool pause, coalesce and ring (-a, -c, -g) options to network plugin Resolves: bz726421 - Update MRG grid plugin to collect additional logs and configuration Resolves: bz641020 [1.7-9.59] - Fix collection of symlink destinations when copying directory trees Resolves: bz717962 - Allow plugins to specify non-root symlinks for collected command output Resolves: bz716987 - Ensure custom rsyslog destinations are captured and log size limits applied Resolves: bz717167 [1.7-9.58] - Add basic plugin for Veritas products Resolves: bz565996 - Do not collect subscription manager keys in general plugin Resolves: bz750606 - Fix gfs2 plugin use of callExtProg API Resolves: bz667783 [1.7-9.57] - Fix exceptions and file naming in gfs2 plugin Resolves: bz667783 [1.7-9.56] - Fix translation for fr locale Resolves: bz641020 [1.7-9.55] - Add basic Infiniband plugin Resolves: bz673246 - Add plugin for scsi-target-utils iSCSI target Resolves: bz677123 - Fix handling of TMP environment variable Resolves: bz733133 - Correctly determine kernel version in cluster plugin Resolves: bz742567 - Add libvirt plugin Resolves: bz568635 - Add gfs2 plugin to supplement cluster data collection Resolves: bz667783 LOW Copyright 2012 Oracle, Inc. CVE-2011-4083 Oracle Linux 5 [6.2.8.0-12.el5] - Add fix for CVE-2010-4167 (767142) [6.2.8.0-11.el5] Fix assertion failed when using 'identify -verbose' when theres no image information available (502626) [6.2.8.0-10.el5] Fix memory allocation failure when using color option (616538) Fix hang when converting broken GIF (693989) Fix conversion of rotated landscape PDF (694922) [6.2.8.0-9.el5] Fix a deadlock with semaphore (530592) [6.2.8.0-8.el5] - Fix page size argument parsing (580535) [6.2.8.0-7.el5] - Fix SGI image decoding (498063) [6.2.8.0-6.el5] - Add fix for CVE-2009-1882 (504305) [6.2.8.0-5.el5] - update quantum memory patch (necessary for CVE fixes) - backport functionality for SetImageExtent (necessary for CVE fixes) - Add patch for CVE-2008-1096 (#286411) - Add patch for CVE-2008-1097 (#285861) - update patch for CVE-2007-4986 LOW Copyright 2012 Oracle, Inc. CVE-2010-4167 Oracle Linux 5 [1:1.3.7-30] - Backported patch to fix transcoding for ASCII (bug #759081, STR #3832). [1:1.3.7-29] - The imageto* filters could crash with bad GIF files (CVE-2011-2896, STR #3867, STR #3914, bug #752118). [1:1.3.7-28] - Web interface didn't show completed jobs for printer (STR #3436, bug #625900) - Serial backend didn't allow a raw job to be canceled (STR #3649, bug #625955) - Fixed condition in textonly filter to create temporary file regardless of the number of copies specified. (bug #660518) [1:1.3.7-27] - Call avc_init() only once to not leak file descriptors (bug #668009). LOW Copyright 2012 Oracle, Inc. CVE-2011-2896 Oracle Linux 5 [1.1.1-48.90.0.1.el5] - Added oracle-enterprise-detect.patch - Replaced 'Red Hat' in spec file [1.1.1-48.90] - cve-2011-4028.patch: File existence disclosure vulnerability. [1.1.1-48.88] - cve-2011-4818.patch: Multiple input sanitization flaws in Render and GLX - xorg-x11-server-1.1.0-mesa-copy-sub-buffer.patch: Likewise. [1.1.1-48.87] - xserver-1.1.1-fbdev-iterate-modes.patch: fix fbdev driver not iterating across all modes of a certain dimension (#740497) [1.1.1-48.86] - xserver-1.1.1-midc-double-free.patch: Don't double-free the picture for the root window when using the mi (software) cursor path. (#674741) [1.1.1-48.85] - xserver-1.1.1-bigreqs-buffer-size.patch: Fix BIG-REQUESTS buffer size (#555000) [1.1.1-48.84] - xserver-1.1.1-xinerama-crash.patch: Fix a crash in XineramaQueryScreens when client is swapped (#588346) [1.1.1-48.83] - xserver-1.1.1-xephyr-keymap.patch: Fix types in Xephyr keymap setup (#454409) [1.1.1-48.82] - xserver-1.1.1-wideline-overflow.patch: Fix integer overflow in wide line renderer (#649810) [1.1.1-48.81] - Fix mouse stuck on edge (#529717) [1.1.1-48.80] - xserver-1.1.1-bs-crash.patch: Fix a crash in backing store. (#676270) [1.1.1-48.79] - xserver-1.1.1-randr-fix-mouse-crossing.patch: fix zaphod mouse crossing (#559964) [1.1.1-48.78] - cve-2010-1166.patch: Fix broken modulo math in Render and arc code. Identical to xserver-1.1.1-mod-macro-parens.patch in 5.5.z. (#582651) [1.1.1-48.77] - xserver-1.1.1-dbe-validate-gc.patch: Validate the GC against both front and back buffers (#596899) LOW Copyright 2012 Oracle, Inc. CVE-2011-4028 Oracle Linux 5 [4:4.1-81] - 455664 adoptions of crontab orphans, forgot add buffer for list of orphans - Related: rhbz#455664 [4:4.1-80] - 654961 crond process ignores the changes of user's home directory needs bigger changes of code. The fix wasn't applied, detail in comment#11. - Related: rhbz#249512 [4:4.1-79] - CVE-2010-0424 vixie-cron, cronie: Race condition by setting timestamp of user's crontab file, when editing the file - Resolves: rhbz#741534 [4:4.1-78] - 625016 - crond requires a restart if mcstransd is stopped - Resolves: rhbz#625016 [4:4.1-78] - 460070 entries in cronjobs in /etc/cron.d are checked for valid syntax - Resolves: rhbz#460070 [4:4.1-78] - 455664 adoptions of crontab orphans - 249512 crontab should verify a user's access to PAM cron service - Resolves: rhbz#455664, rhbz#249512 [4:4.1-78] - 699621 and 699620 man page fix - 529632 service crond status return correct status - 480930 set correct pie options in CFLAGS and LDFLAGS - 476972 crontab error with @reboot entry - Resolves: rhbz#699621, rhbz#699620, rhbz#529632, rhbz#480930, rhbz#476972 LOW Copyright 2012 Oracle, Inc. CVE-2010-0424 Oracle Linux 5 [1.33.1-15] - Fix bugs in parsing invalid regexps - Resolves: #766755 [1.33.1-14] - Delete leftover .orig files after patches are successfully applied [1.33.1-13] - GCC 4.4 fixes - Resolves: #567722 [1.33.1-11] - Add a fix for thread safety bug in boost::regex - Build with -fno-strict-aliasing due to the sheer amount of warnings that we get. - Resolves: #472384 LOW Copyright 2012 Oracle, Inc. CVE-2008-0171 CVE-2008-0172 Oracle Linux 5 [1.6.1-70.el5] - add upstream patch for telnetd buffer overflow (CVE-2011-4862, #770351) [1.6.1-69.el5] - ftp: fix a static analysis should-never-happen NULL dereference (#750823) [1.6.1-68.el5] - backport fixes to teach libkrb5 to use descriptors higher than FD_SETSIZE to talk to a KDC by using poll() if it's detected at compile-time, revised (#701444, RT#6905) [1.6.1-67.el5] - add backported patch by way of jbarbuc to free subkeys created by the KDC while processing TGS requests (#708516) [1.6.1-66.el5] - add backported patch by way of several people to better avoid false detection of replay attacks when talking to systems with coarse time resolution (#713500) [1.6.1-65.el5] - ftpd: add backported patch to check for errors when calling setegid (MITKRB5-SA-2011-005, CVE-2011-1526, #719098) [1.6.1-64.el5] - klist: don't trip over referral entries when invoked with -s (#729067, RT#6915) LOW Copyright 2012 Oracle, Inc. CVE-2011-1526 Oracle Linux 5 [2.13-0.59.0.1.el5] - Merge UEK modification fix #10104470 - Import hwclock from util-linux-ng [Kris Van Hees] [2.13-0.59] - fix #768382 - CVE-2011-1675 CVE-2011-1677 util-linux various flaws [2.13-0.58] - fix #677452 - util-linux fails to build with gettext-0.17 [2.13-0.57] - fix #646300 - login doesn't update /var/run/utmp properly - fix #726572 - import missing fsfreeze into util-linux - fix #678430 - fdisk should not report error on 1gB LUNs - fix #699639 - mount man page is missing support for ext4/xfs - fix #650937 - blockdev man page missing information - fix #678407 - ipcs and ipcrm in wrong man section LOW Copyright 2012 Oracle, Inc. CVE-2011-1675 CVE-2011-1677 Oracle Linux 5 [1:1.2.0-13] - Resolves: #768083 'busybox various flaws' including: 'buffer underflow in decompression' 'udhcpc insufficient checking of DHCP options' [1:1.2.0-12] - Resolves: #756723 'Kdump fails after findfs subcommand of busybox fails' [1:1.2.0-11] - Resolves: #689659 ''busybox cp' does not return a correct exit code when 'No space left on device'' LOW Copyright 2012 Oracle, Inc. CVE-2006-1168 CVE-2011-2716 Oracle Linux 5 [1.7.2p1-13] - patch: parse ldap.conf more closely to nss_ldap Resolves: rhbz#750318 [1.7.2p1-12] - added patch for CVE-2011-0010 Resolves: rhbz#757157 [1.7.2p1-11] - backported selinux support from 1.7.4p5 (#477185, #673157) - fixed bug in Runas_Spec group matching (#627543) - disable 'sudo -l' output word wrapping if the output is piped (#697111) - fixed overwriting of errno after execve failure (#673157) - fixed segmentation fault (#673072) - add a sudoers entry to the nsswitch.conf file on install (and delete it on uninstall) (#617061) Resolves: rhbz#697111 Resolves: rhbz#673157 Resolves: rhbz#673072 Resolves: rhbz#627543 Resolves: rhbz#617061 Resolves: rhbz#477185 LOW Copyright 2012 Oracle, Inc. CVE-2011-0010 Oracle Linux 5 [1.0.9-60.0.1.el5] - Add support for resvport for unmonting [orabug 13567018] [1.0.9-60] - Updated idmapd.conf and idmapd.conf.man to reflect the static user name mapping (502707) - Fixed an umount regression introduced by bz 513094 (bz 781931) [1.0.9-59] - gss: turned of even more excessive syslogs (bz 593097) - mount.nfs: Ignored the SIGXFSZ when handling RLIMIT_FSIZE changes (bz 697979) [1.0.9-58] - gss: turned off more excessive syslogs (bz 593097) - initfiles: more initscripts improvements (bz 710020) - specfile: correct typo when nfsnobodys gid already exists (bz 729603) [1.0.9-57] - Mount fails to anticipate RLIMIT_FSIZE (bz 697979,CVE-2011-1749) [1.0.9-56] - Removed sim crash support (bz 600497) - initfiles: more initscripts improvements (bz 710020) - mount: Don't wait for TCP to timeout twice (bz 736677) [1.0.9-55] - mount: fixed the -o retry option to retry the given amount (bz 736677) - manpage: removed the -o fsc option (bz 715523) - nfsstat: show v4 mounts with -m flag (bz 712438) - mount: allow insecure ports with mounts (bz 513094) - gss: turned off excessive syslogs (bz 593097) - mountd: allow v2 and v3 to be disabled (bz 529588) - specfile: make sure nfsnobodys gid changes when it exists (bz 729603) - initfiles: initscripts improvements (bz 710020) LOW Copyright 2012 Oracle, Inc. CVE-2011-1749 Oracle Linux 5 [1.2-11.2.0.1.el5] - Fix double malloc and free problem in CrdLoopPrepare and CrdLoopCleanup [1.2-11.2.el5] - Added Requires lines for ibutils-libs to make rpmdiff happier. - Add patch for CVE-2008-3277 Resolves: bz768400 [1.2-11.1.el5] - Add ibutils-1.2-invalid-delete.patch to close Resolves: bz711779 LOW Copyright 2012 Oracle, Inc. CVE-2008-3277 Oracle Linux 5 [8.45.42-1.0.1.el5] - Update oracle-enterprise.patch to do detection on /etc/oracle-release and /etc/enterprise-release - Patch x86_64 sysctl.conf as well as default sysctl.conf - Patch sysctl.conf to default rp_filter to loose reverse path filtering (has no effect for pre-2.6.32 kernels) [orabug 10286227] - Move hwclock into udev rules - Update oracle-enterprise.patch to fix RedHat references in arch specific sysctl.conf files in source tarball - Add oracle-enterprise.patch and update specfile - Don't attempt to re-enslave already-enslaved devices (#455537) (pknirsch@redhat.com) [8.45.42-1] - changed exchange_mode to 'main, aggressive' (#435274) [8.45.41-1] - fix check for dhcp6c pid (#568896) [8.45.40-1] - exit arping on first response (#744734) [8.45.39-1] - suppress remove error message during boot (#679998) - fix logic error with removing arp_ip_target (#745681) LOW Copyright 2012 Oracle, Inc. CVE-2008-1198 Oracle Linux 5 [3.0.33-3.37.el5] - Regenerate manpage for 'wide links' and 'unix extensions' sections - related: #722553 [3.0.33-3.36.el5] - Security Release, fixes CVE-2010-0926 - resolves: #722553 [3.0.33-3.35.el5] - Fix smbclient return code - resolves: #768908 [3.0.33-3.34.el5] - Fix support for Windows 2008 R2 domains - resolves: #736124 [3.0.33-3.33.el5] - Security Release, fixes CVE-2010-0547, CVE-2010-0787, CVE-2011-2694, CVE-2011-2522, CVE-2011-1678, CVE-2011-2724 - resolves: #722553 [3.0.33-3.32.el5] - Security Release, fixes CVE-2011-0719 - resolves: #678331 [3.0.33-3.30.el5] - Security Release, fixes CVE-2010-3069 - resolves: #632230 LOW Copyright 2012 Oracle, Inc. CVE-2010-0926 Oracle Linux 5 Oracle Linux 6 [2:1.2.46-2] - Fix CVE-2011-3026 Resolves: #791007 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2011-3026 Oracle Linux 5 Oracle Linux 6 [1.11.23-11.el6_2.1] - Fix CVE-2012-0804 (Resolves: #784338) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0804 Oracle Linux 5 [1.6.0.0-1.25.1.10.6.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.25.1.10.6] - Updated to IcedTea6 1.10.6 - Resolves: rhbz#787142 - Security fixes - S7082299: Fix in AtomicReferenceArray - S7088367: Fix issues in java sound - S7110683: Issues with some KeyboardFocusManager method - S7110687: Issues with TimeZone class - S7110700: Enhance exception throwing mechanism in ObjectStreamClass - S7110704: Issues with some method in corba - S7112642: Incorrect checking for graphics rendering object - S7118283: Better input parameter checking in zip file processing - S7126960: Add property to limit number of request headers to the HTTP Server - Bug fixes - RH580478: Desktop files should not use hardcoded path - Removed and deleted upstreamed patch7 - name-rmi-fix.patch - Removed and deleted upstreamed Hugepages patches: - Source100: 7034464-hugepage.patch - Source101: 7037939-hugepage.patch - Source102: 7043564-hugepage.patch IMPORTANT Copyright 2012 Oracle, Inc. CVE-2011-3563 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2011-3571 CVE-2011-5035 CVE-2012-0507 Oracle Linux 5 [2.2.3-63.0.1.el5_8.1] - Fix mod_ssl always performing full renegotiation (orabug 12423387) - replace index.html with Oracle's index page oracle_index.html - update vstring and distro in specfile [2.2.3-63.1] - add security fixes for CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 (#787596) - remove patch for CVE-2011-3638, obviated by fix for CVE-2011-3639 MODERATE Copyright 2012 Oracle, Inc. CVE-2011-3607 CVE-2011-3639 CVE-2012-0031 CVE-2012-0053 Oracle Linux 5 Oracle Linux 6 [2.7.6-4.0.1.el6_2.4] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.7.6-4.el6_2.4] - remove chunk in patch related to configure.in as it breaks rebuild - Resolves: rhbz#788845 [2.7.6-4.el6_2.3] - fix previous build to force compilation of randomization code - Resolves: rhbz#788845 [2.7.6-4.el6_2.2] - adds randomization to hash and dict structures CVE-2012-0841 - Resolves: rhbz#788845 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0841 Oracle Linux 5 [3.0.33-3.38.el5] - Security release, fixes CVE-2012-0870 - resolves: #795718 CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-0870 Oracle Linux 6 [2.6.32-220.7.1.el6] - [netdrv] tg3: Fix single-vector MSI-X code (John Feeney) [787162 703555] - [mm] export remove_from_page_cache() to modules (Jerome Marchand) [772687 751419] - [block] cfq-iosched: fix cfq_cic_link() race confition (Vivek Goyal) [786022 765673] - [fs] cifs: lower default wsize when unix extensions are not used (Jeff Layton) [789058 773705] - [net] svcrpc: fix double-free on shutdown of nfsd after changing pool mode (J. Bruce Fields) [787580 753030] - [net] svcrpc: avoid memory-corruption on pool shutdown (J. Bruce Fields) [787580 753030] - [net] svcrpc: destroy server sockets all at once (J. Bruce Fields) [787580 753030] - [net] svcrpc: simplify svc_close_all (J. Bruce Fields) [787580 753030] - [net] svcrpc: fix list-corrupting race on nfsd shutdown (J. Bruce Fields) [787580 753030] - [fs] xfs: Fix missing xfs_iunlock() on error recovery path in xfs_readlink() (Carlos Maiolino) [749161 694702] {CVE-2011-4077} - [fs] xfs: Fix memory corruption in xfs_readlink (Carlos Maiolino) [749161 694702] {CVE-2011-4077} - [x86] hpet: Disable per-cpu hpet timer if ARAT is supported (Prarit Bhargava) [772884 750201] - [x86] Improve TSC calibration using a delayed workqueue (Prarit Bhargava) [772884 750201] - [kernel] clocksource: Add clocksource_register_hz/khz interface (Prarit Bhargava) [772884 750201] - [kernel] clocksource: Provide a generic mult/shift factor calculation (Prarit Bhargava) [772884 750201] - [block] cfq-iosched: fix a kbuild regression (Vivek Goyal) [769208 705698] - [block] cfq-iosched: rethink seeky detection for SSDs (Vivek Goyal) [769208 705698] - [block] cfq-iosched: rework seeky detection (Vivek Goyal) [769208 705698] - [block] cfq-iosched: don't regard requests with long distance as close (Vivek Goyal) [769208 705698] [2.6.32-220.6.1.el6] - [scsi] qla2xxx: Module parameter to control use of async or sync port login (Chad Dupuis) [788003 769007] [2.6.32-220.5.1.el6] - [net] igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Jiri Pirko) [772870 772871] {CVE-2012-0207} - [fs] xfs: validate acl count (Eric Sandeen) [773282 773283] {CVE-2012-0038} - [fs] Fix sendfile write-side file position (Steven Whitehouse) [771870 770023] - [virt] kvm: x86: fix missing checks in syscall emulation (Marcelo Tosatti) [773390 773391] {CVE-2012-0045} - [virt] kvm: x86: extend 'struct x86_emulate_ops' with 'get_cpuid' (Marcelo Tosatti) [773390 773391] {CVE-2012-0045} - [fs] nfs: when attempting to open a directory, fall back on normal lookup (Jeff Layton) [771981 755380] - [kernel] crypto: ghash - Avoid null pointer dereference if no key is set (Jiri Benc) [749481 749482] {CVE-2011-4081} - [fs] jbd2: validate sb->s_first in journal_get_superblock() (Eryu Guan) [753344 693981] {CVE-2011-4132} - [net] fix unsafe pointer access in sendmmsg (Jiri Benc) [761668 760798] {CVE-2011-4594} - [scsi] increase qla2xxx firmware ready time-out (Mark Goodwin) [781971 731917] - [perf] powerpc: Handle events that raise an exception without overflowing (Steve Best) [767917 755737] {CVE-2011-4611} - [sched] x86: Avoid unnecessary overflow in sched_clock (Prarit Bhargava) [781974 765720] - [virt] x86: Prevent starting PIT timers in the absence of irqchip support (Marcelo Tosatti) [769634 769550] {CVE-2011-4622} - [virt] vmxnet3: revert hw features change (Neil Horman) [761536 759613] - [netdrv] qlge: fix size of external list for TX address descriptors (Steve Best) [783226 772237] - [netdrv] e1000e: Avoid wrong check on TX hang (Dean Nelson) [768916 751087] - [virt] KVM: Device assignment permission checks (Alex Williamson) [756092 756093] {CVE-2011-4347} - [virt] KVM: Remove ability to assign a device without iommu support (Alex Williamson) [756092 756093] {CVE-2011-4347} - [virt] kvm: device-assignment: revert Disable the option to skip iommu setup (Alex Williamson) [756092 756093] {CVE-2011-4347} MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4081 CVE-2011-4347 CVE-2011-4594 CVE-2011-4611 CVE-2012-0038 CVE-2012-0045 CVE-2012-0207 CVE-2011-4077 CVE-2011-4132 CVE-2011-4622 Oracle Linux 6 [0.5.5-3] - sanitize inputs to limit() and offset() Resolves: CVE-2012-0805 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0805 Oracle Linux 5 [3.0.3-135.el5_8.2] - Fix broken timestamp log (rhbz 797836) [3.0.3-135.el5_8.1] - qemu-dm/e1000: bounds packet size against buffer size (rhbz 786862) - Use correct expansion in xen-network-common.sh (rhbz 797191) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-0029 Oracle Linux 5 Oracle Linux 6 [1.6-5.0.1.el6_2] - remove doc/SystemTap_Beginners_Guide/en-US in tarball - comment bz683569.patch in specfile - remove buildtime dependency on package publican-redhat [1.6-5] - CVE-2012-0875 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0875 Oracle Linux 5 Oracle Linux 6 firefox: [10.0.3-1.0.1.el6_2] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [10.0.3-1] - Update to 10.0.3 ESR xulrunner: [10.0.3-1.0.1.el6_2] - Replace xulrunner-redhat-default-prefs.js with - xulrunner-oracle-default-prefs.js [10.0.3-1] - Update to 10.0.3 ESR CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-0451 CVE-2012-0455 CVE-2012-0456 CVE-2012-0457 CVE-2012-0458 CVE-2012-0459 CVE-2012-0460 CVE-2012-0461 CVE-2012-0462 CVE-2012-0464 Oracle Linux 6 [10.0.3-1.0.1.el6_2] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [10.0.3-1] - Update to 10.0.3 ESR CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-0451 CVE-2012-0455 CVE-2012-0456 CVE-2012-0457 CVE-2012-0458 CVE-2012-0459 CVE-2012-0460 CVE-2012-0461 CVE-2012-0462 CVE-2012-0464 Oracle Linux 6 [2.12-1.47.el6_2.9] - Always use another area after a failed allocation in the main arena (#795328) - Remove sse3 memcpy (#695812) changes (#799259) [2.12-1.47.el6_2.8] - Avoid nargs integer overflow which could be used to bypass FORTIFY_SOURCE (#794815) [2.12-1.47.el6_2.7] - Fix locking on malloc family retry paths (#795328) [2.12-1.47.el6_2.6] - Fix cycle detection in dynamic loader (#783999) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0864 Oracle Linux 5 [2.5-81.el5_8.1] - Add dist tag [when building file lists (#784646).] - Avoid nargs integer overflow which could be used to bypass FORTIFY_SOURCE (#794813) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0864 Oracle Linux 5 Oracle Linux 6 [2:1.2.48-1] - Update to libpng 1.2.48, for minor security issues (CVE-2011-3045) Resolves: #801663 MODERATE Copyright 2012 Oracle, Inc. CVE-2011-3045 Oracle Linux 6 [1.4.18-5.1] - Fixed XML entity expansion that could lead to information disclosure (CVE-2012-0037) Resolves: rhbz#804496 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-0037 Oracle Linux 5 Oracle Linux 6 [1.0.0-20.3] - fix problem with the SGC restart patch that might terminate handshake incorrectly - fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725) - fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0884 CVE-2012-1165 Oracle Linux 6 [2.3-3.1] - fix CVE-2012-1569 - missing length check when decoding DER lengths (#804920) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-1569 Oracle Linux 5 [1.4.1-7.2] - fix CVE-2011-4128 - buffer overflow in gnutls_session_get_data() (#752308) - fix CVE-2012-1569 - missing length check when decoding DER lengths (#804920) - fix CVE-2012-1573 - security issue in packet parsing (#805432) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2011-4128 CVE-2012-1569 CVE-2012-1573 Oracle Linux 6 [2.8.5-4.2] - fix CVE-2012-1573 - security issue in packet parsing (#805432) - fix CVE-2011-4128 - buffer overflow in gnutls_session_get_data() (#752308) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2011-4128 CVE-2012-1573 Oracle Linux 5 Oracle Linux 6 [4.8.0-19.1] - Proper region tag validation on package/header read (CVE-2012-0060) - Double-check region size against header size (CVE-2012-0061) - Validate negated offsets too in headerVerifyInfo() (CVE-2012-0815) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-0060 CVE-2012-0061 CVE-2012-0815 Oracle Linux 5 Oracle Linux 6 [3.5.10-115] - Security Release, fixes CVE-2012-1182 - resolves: #804644 CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-1182 Oracle Linux 5 [3.5.10-0.108] - Security Release, fixes CVE-2012-1182 - resolves: #804650 CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-1182 Oracle Linux 5 Oracle Linux 6 [2.3.11-6.el6_2.9] - Fix CVE-2012-{1126, 1127, 1130, 1131, 1132, 1134, 1136, 1137, 1139, 1140, 1141, 1142, 1143, 1144} - Properly initialize array 'result' in FT_Outline_Get_Orientation() - Check bytes per row for overflow in _bdf_parse_glyphs() - Resolves: #806268 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-1126 CVE-2012-1127 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1134 CVE-2012-1136 CVE-2012-1137 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144 Oracle Linux 5 Oracle Linux 6 [3.9.4-5] - Add fix for CVE-2012-1173 Resolves: #CVE-2012-1173 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-1173 Oracle Linux 5 [0:5.5.23-0jpp.31] - Resolves: CVE-2012 regression. Changed patch file. [0:5.5.23-0jpp.30] - Resolves: CVE-2012-0022, CVE-2011-4858 [0:5.5.23-0jpp.27] - Resolves CVE-2011-0013 rhbz 675933 - Resolves CVE-2011-3718 rhbz 675933 [0:5.5.23-0jpp.23] - Resolves CVE-2011-1184 rhbz 744984 - Resolves CVE-2011-2204 rhbz 719188 MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4858 CVE-2012-0022 Oracle Linux 6 [0:6.0.24-36] - Resolves: CVE-2012-0022 regression. Changes made to patch file. MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4858 CVE-2012-0022 Oracle Linux 5 [2.6.18-308.4.1.0.1.el5] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-308.4.1.el5] - [net] ipv6: fix skb double free in xfrm6_tunnel (Jiri Benc) [752305 743375] {CVE-2012-1583} [2.6.18-308.3.1.el5] - [net] be2net: cancel be_worker during EEH recovery (Ivan Vecera) [805462 773735] - [net] be2net: add vlan/rx-mode/flow-control config to be_setup (Ivan Vecera) [805462 773735] - [x86] disable TSC synchronization when using kvmclock (Marcelo Tosatti) [805460 799170] - [fs] vfs: fix LOOKUP_DIRECTORY not propagated to managed_dentry (Ian Kent) [801726 798809] - [fs] vfs: fix d_instantiate_unique (Ian Kent) [801726 798809] - [fs] nfs: allow high priority COMMITs to bypass inode commit lock (Jeff Layton) [799941 773777] - [fs] nfs: don't skip COMMITs if system under is mem pressure (Jeff Layton) [799941 773777] - [scsi] qla2xxx: Read the HCCR register to flush any PCIe writes (Chad Dupuis) [798748 772192] - [scsi] qla2xxx: Complete mbox cmd timeout before next reset cycle (Chad Dupuis) [798748 772192] - [s390] qdio: wrong buffers-used counter for ERROR buffers (Hendrik Brueckner) [801724 790840] - [net] bridge: Reset IPCB when entering IP stack (Herbert Xu) [804721 749813] - [fs] procfs: add hidepid= and gid= mount options (Jerome Marchand) [770649 770650] - [fs] procfs: parse mount options (Jerome Marchand) [770649 770650] [2.6.18-308.2.1.el5] - [fs] nfs: nfs_fhget should wait on I_NEW instead of I_LOCK (Sachin Prabhu) [795664 785062] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-1583 Oracle Linux 5 [2.6.18-308.4.1.el5] - [net] ipv6: fix skb double free in xfrm6_tunnel (Jiri Benc) [752305 743375] {CVE-2012-1583} [2.6.18-308.3.1.el5] - [net] be2net: cancel be_worker during EEH recovery (Ivan Vecera) [805462 773735] - [net] be2net: add vlan/rx-mode/flow-control config to be_setup (Ivan Vecera) [805462 773735] - [x86] disable TSC synchronization when using kvmclock (Marcelo Tosatti) [805460 799170] - [fs] vfs: fix LOOKUP_DIRECTORY not propagated to managed_dentry (Ian Kent) [801726 798809] - [fs] vfs: fix d_instantiate_unique (Ian Kent) [801726 798809] - [fs] nfs: allow high priority COMMITs to bypass inode commit lock (Jeff Layton) [799941 773777] - [fs] nfs: don't skip COMMITs if system under is mem pressure (Jeff Layton) [799941 773777] - [scsi] qla2xxx: Read the HCCR register to flush any PCIe writes (Chad Dupuis) [798748 772192] - [scsi] qla2xxx: Complete mbox cmd timeout before next reset cycle (Chad Dupuis) [798748 772192] - [s390] qdio: wrong buffers-used counter for ERROR buffers (Hendrik Brueckner) [801724 790840] - [net] bridge: Reset IPCB when entering IP stack (Herbert Xu) [804721 749813] - [fs] procfs: add hidepid= and gid= mount options (Jerome Marchand) [770649 770650] - [fs] procfs: parse mount options (Jerome Marchand) [770649 770650] [2.6.18-308.2.1.el5] - [fs] nfs: nfs_fhget should wait on I_NEW instead of I_LOCK (Sachin Prabhu) [795664 785062] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-1583 Oracle Linux 6 [2.6.32-220.13.1.el6] - Revert: [fs] NFSv4: include bitmap in nfsv4 get acl data (Sachin Prabhu) [753231 753232] {CVE-2011-4131} [2.6.32-220.12.1.el6] - [net] net_sched: qdisc_alloc_handle() can be too slow (Jiri Pirko) [805458 785891] - [fs] procfs: add hidepid= and gid= mount options (Jerome Marchand) [770651 770652] - [fs] procfs: parse mount options (Jerome Marchand) [770651 770652] - [fs] fuse: add O_DIRECT support (Josef Bacik) [800552 753798] - [kernel] sysctl: restrict write access to dmesg_restrict (Phillip Lougher) [749248 749251] - [block] dm io: fix discard support (Mike Snitzer) [799943 758404] - [net] netlink: wrong size was calculated for vfinfo list blob (Andy Gospodarek) [790338 772136] - [netdrv] mlx4_en: fix endianness with blue frame support (Steve Best) [789911 750166] - [usb] Fix deadlock in hid_reset when Dell iDRAC is reset (Shyam Iyer) [797205 782374] - [virt] vmxnet3: Cap the length of the pskb_may_pull on transmit (bz 790673) (Neil Horman) [801723 790673] - [scsi] megaraid_sas: Fix instance access in megasas_reset_timer (Tomas Henzl) [790341 759318] - [netdrv] macvtap: Fix the minor device number allocation (Steve Best) [796828 786518] - [net] tcp: bind() fix autoselection to share ports (Flavio Leitner) [787764 784671] - [fs] cifs: change oplock break slow work to very slow work (Jeff Layton) [789373 772874] - [net] sunrpc: remove xpt_pool (J. Bruce Fields) [795338 753301] - [net] Potential null skb->dev dereference (Flavio Leitner) [795335 769590] - [net] pkt_sched: Fix sch_sfq vs tcf_bind_filter oops (Jiri Pirko) [786873 667925] - [net] mac80211: cancel auth retries when deauthenticating (John Linville) [797241 754356] [2.6.32-220.11.1.el6] - [netdrv] igb: reset PHY after recovering from PHY power down (Frantisek Hrbata) [789371 737714] - [drm] Ivybridge force wake fixes (Dave Airlie) [790007 786272] - [fs] xfs: fix inode lookup race (Dave Chinner) [804961 796277] - [kernel] regset: Return -EFAULT, not -EIO, on host-side memory fault (Jerome Marchand) [799212 799213] {CVE-2012-1097} - [kernel] regset: Prevent null pointer reference on readonly regsets (Jerome Marchand) [799212 799213] {CVE-2012-1097} - [block] Fix io_context leak after failure of clone with CLONE_IO (Vivek Goyal) [796846 791125] {CVE-2012-0879} - [block] Fix io_context leak after clone with CLONE_IO (Vivek Goyal) [796846 791125] {CVE-2012-0879} - [fs] cifs: fix dentry refcount leak when opening a FIFO on lookup (Sachin Prabhu) [798298 781893] {CVE-2012-1090} - [fs] NFSv4: include bitmap in nfsv4 get acl data (Sachin Prabhu) [753231 753232] {CVE-2011-4131} - [mm] fix nrpages assertion (Josef Bacik) [797182 766861] - [mm] Eliminate possible panic in page compaction code (Larry Woodman) [802430 755885] - [mm] Prevent panic on 2-node x3850 X5 w/2 MAX5 memory drawers panics while running certification tests caused by page list corruption (Larry Woodman) [802430 755885] - [sched] Fix cgroup movement of waking process (Larry Woodman) [795326 773517] - [sched] Fix cgroup movement of forking process (Larry Woodman) [795326 773517] - [sched] Fix cgroup movement of newly created process (Larry Woodman) [795326 773517] - [sched] Fix ->min_vruntime calculation in dequeue_entity() (Larry Woodman) [795326 773517] - [sched] cgroup: Fixup broken cgroup movement (Larry Woodman) [795326 773517] - [kernel] Prevent system deadlock when moving tasks between cgroups (Larry Woodman) [789060 773522] - [kernel] sched: fix {s,u}time values decrease (Stanislaw Gruszka) [789061 748559] - [mm] mempolicy.c: refix mbind_range() vma issue (Motohiro Kosaki) [802379 727700] - [mm] mempolicy.c: fix pgoff in mbind vma merge (Motohiro Kosaki) [802379 727700] [2.6.32-220.10.1.el6] - [sched] Fix Kernel divide by zero panic in find_busiest_group() (Larry Woodman) [801718 785959] [2.6.32-220.9.1.el6] - [x86] Fix c-state transitions when !NOHZ (Prarit Bhargava) [798572 767753] - [x86] tsc: Skip TSC synchronization checks for tsc=reliable (Prarit Bhargava) [798572 767753] [2.6.32-220.8.1.el6] - [fs] nfs: don't try to migrate pages with active requests (Jeff Layton) [790905 739811] MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0879 CVE-2012-1090 CVE-2012-1097 Oracle Linux 6 [1.2.15-2.0.1.el6_2.1] - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect [1.2.15-2.1] - security patches - Resolves: CVE-2011-1143 CVE-2011-1590 CVE-2011-1957 CVE-2011-1959 CVE-2011-2174 CVE-2011-2175 CVE-2011-1958 CVE-2011-2597 CVE-2011-2698 CVE-2011-4102 CVE-2012-0041 CVE-2012-0066 CVE-2012-0067 CVE-2012-0042 CVE-2012-1595 MODERATE Copyright 2012 Oracle, Inc. CVE-2011-1143 CVE-2011-1590 CVE-2011-1957 CVE-2011-1958 CVE-2011-1959 CVE-2011-2174 CVE-2011-2175 CVE-2011-2597 CVE-2011-2698 CVE-2011-4102 CVE-2012-0041 CVE-2012-0042 CVE-2012-0066 CVE-2012-0067 CVE-2012-1595 Oracle Linux 5 Oracle Linux 6 firefox: [10.0.4-1.0.1.el6_2] - Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js [10.0.4-1] - Update to 10.0.4 ESR xulrunner: [10.0.4-1.0.1.el6_2] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.4-1] - Update to 10.0.4 ESR [10.0.3-3] - Fixed mozbz#746112 - ppc(64) freeze [10.0.3-2] - Fixed mozbz#681937 CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0472 CVE-2012-0473 CVE-2012-0474 CVE-2012-0477 CVE-2012-0478 CVE-2012-0479 CVE-2011-3062 Oracle Linux 6 [10.0.4-1.0.1.el6_2] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [10.0.4-1] - Update to 10.0.4 ESR CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0472 CVE-2012-0473 CVE-2012-0474 CVE-2012-0477 CVE-2012-0478 CVE-2012-0479 CVE-2011-3062 Oracle Linux 5 Oracle Linux 6 openssl: [1.0.0-20.4] - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185) openssl098e: [0.9.8e-17.el6_2.2] - Updated the description [0.9.8e-17.2] - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-2110 Oracle Linux 5 Oracle Linux 6 [2:1.2.49-1] - Update to libpng 1.2.49, for minor security issues (CVE-2011-3048) Resolves: #812714 MODERATE Copyright 2012 Oracle, Inc. CVE-2011-3048 Oracle Linux 5 Oracle Linux 6 [3.5.10-116] - Security Release, fixes CVE-2012-2111 - resolves: #815688 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-2111 Oracle Linux 6 [6.5.4.7-6] - Add fix for CVE-2010-4167 - Add fix for CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 - Add fix for CVE-2012-0259 CVE-2012-0260 CVE-2012-1798 MODERATE Copyright 2012 Oracle, Inc. CVE-2010-4167 CVE-2012-0247 CVE-2012-0248 CVE-2012-0259 CVE-2012-0260 CVE-2012-1798 Oracle Linux 5 [6.2.8.0-15.el5] - Fix for PostScript conversion was incomplete, as larger documents would end up being cropped without the -g option (797364) [6.2.8.0-14.el5] - Add fix for CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 - Add fix for CVE-2012-0259 CVE-2012-0260 CVE-2012-1798 [6.2.8.0-13.el5] - Fix PostScript conversion failing with /undefinedfilename (797364) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0247 CVE-2012-0248 CVE-2012-0260 Oracle Linux 5 Oracle Linux 6 [5.3.3-3.8] - correct detection of = in CVE-2012-1823 fix (#818607) [5.3.3-3.7] - add security fix for CVE-2012-1823 (#818607) CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-1823 Oracle Linux 5 [5.3.3-7] - correct detection of = in CVE-2012-1823 fix (#818607) [5.3.3-6] - add security fix for CVE-2012-1823 (#818607) CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-1823 Oracle Linux 6 [2.6.32-220.17.1.el6] - [scsi] fcoe: Do not switch context in vport_delete callback (Neil Horman) [809388 806119] [2.6.32-220.16.1.el6] - Revert: [x86] Ivy Bridge kernel rdrand support (Jay Fenlason) [800268 696442] [2.6.32-220.15.1.el6] - [net] SUNRPC: We must not use list_for_each_entry_safe() in rpc_wake_up() (Steve Dickson) [811299 809928] - [char] ipmi: Increase KCS timeouts (Matthew Garrett) [806906 803378] - [kernel] sched: Fix ancient race in do_exit() (Frantisek Hrbata) [805457 784758] - [scsi] sd: Unmap discard alignment needs to be converted to bytes (Mike Snitzer) [810322 805519] - [scsi] sd: Fix VPD buffer allocations (Mike Snitzer) [810322 805519] - [x86] Ivy Bridge kernel rdrand support (Jay Fenlason) [800268 696442] - [scsi] fix system lock up from scsi error flood (Frantisek Hrbata) [809378 800555] - [sound] ALSA: pcm midlevel code - add time check for (Jaroslav Kysela) [801329 798984] - [pci] Add pcie_hp=nomsi to disable MSI/MSI-X for pciehp driver (hiro muneda) [807426 728852] - [sound] ALSA: enable OSS emulation layer for PCM and mixer (Jaroslav Kysela) [812960 657291] - [scsi] qla4xxx: Fixed BFS with sendtargets as boot index (Chad Dupuis) [803881 722297] - [fs] nfs: Additional readdir cookie loop information (Steve Dickson) [811135 770250] - [fs] NFS: Fix spurious readdir cookie loop messages (Steve Dickson) [811135 770250] - [x86] powernow-k8: Fix indexing issue (Frank Arnold) [809391 781566] - [x86] powernow-k8: Avoid Pstate MSR accesses on systems supporting CPB (Frank Arnold) [809391 781566] - [redhat] spec: Add python-perf-debuginfo subpackage (Josh Boyer) [806859 806859] [2.6.32-220.14.1.el6] - [net] fix vlan gro path (Jiri Pirko) [810454 720611] - [virt] VMX: vmx_set_cr0 expects kvm->srcu locked (Marcelo Tosatti) [808206 807507] {CVE-2012-1601} - [virt] KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Marcelo Tosatti) [808206 807507] {CVE-2012-1601} - [scsi] fcoe: Move destroy_work to a private work queue (Neil Horman) [809388 806119] - [fs] jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) [749727 748713] {CVE-2011-4086} - [net] af_iucv: offer new getsockopt SO_MSGSIZE (Hendrik Brueckner) [804547 786997] - [net] af_iucv: performance improvements for new HS transport (Hendrik Brueckner) [804548 786996] - [s390x] af_iucv: remove IUCV-pathes completely (Hendrik Brueckner) [807158 786960] - [x86] iommu/amd: Fix wrong shift direction (Don Dutile) [809376 781531] - [x86] iommu/amd: Don't use MSI address range for DMA addresses (Don Dutile) [809374 781524] - [fs] NFSv4: Further reduce the footprint of the idmapper (Steve Dickson) [802852 730045] - [fs] NFSv4: Reduce the footprint of the idmapper (Steve Dickson) [802852 730045] - [scsi] fcoe: Make fcoe_transport_destroy a synchronous operation (Neil Horman) [809372 771251] - [net] ipv4: Constrain UFO fragment sizes to multiples of 8 bytes (Jiri Benc) [809104 797731] - [net] ipv4: Don't use ufo handling on later transformed packets (Jiri Benc) [809104 797731] - [net] udp: Add UFO to NETIF_F_GSO_SOFTWARE (Jiri Benc) [809104 797731] - [fs] nfs: Try using machine credentials for RENEW calls (Sachin Prabhu) [806205 795441] MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4086 CVE-2012-1601 Oracle Linux 5 [kvm-83-249.0.1.el5_8.4] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [kvm-83-249.el5_8.4] - kvm-kernel-KVM-unmap-pages-from-the-iommu-when-slots-are-remove.patch [bz#814151] - CVE: CVE-2012-2121 - Resolves: bz#814151 (CVE-2012-2121 kvm: device assignment page leak [rhel-5.8]) [kvm-83-249.el5_8.3] - kvm-fix-l1_map-buffer-overflow.patch [bz#816207] - Resolves: bz#816207 (qemu-kvm segfault in tb_invalidate_phys_page_range()) [kvm-83-249.el5_8.2] - kvm-kernel-KVM-Ensure-all-vcpus-are-consistent-with-in-kernel-i.patch [bz#808205] - Resolves: bz#808205 (CVE-2012-1601 kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency [rhel-5.8.z]) [kvm-83-249.el5_8.1] - kvm-posix-aio-compat-fix-thread-accounting-leak.patch [bz#802429] - Resolves: bz#802429 ([RHEL5.8 Snapshot2]RHEL5.8 KVMGuest hung during Guest OS booting up) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-1601 CVE-2012-2121 Oracle Linux 5 [8.1.23-4] - Back-port upstream fixes for CVE-2012-0866 and CVE-2012-0868 Resolves: #812070 [8.1.23-3] - Back-port upstream fix for unregistering OpenSSL callbacks at close Resolves: #728828 [8.1.23-2] - Back-port upstream fix for CVE-2011-2483 Resolves: #740738 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0866 CVE-2012-0868 Oracle Linux 5 Oracle Linux 6 [8.4.11-1] - Update to PostgreSQL 8.4.11, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-11.html http://www.postgresql.org/docs/8.4/static/release-8-4-10.html including the fixes for CVE-2012-0866, CVE-2012-0867, CVE-2012-0868 Resolves: #812081 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0867 CVE-2012-0866 CVE-2012-0868 Oracle Linux 6 [0.2.0-7.1] - fix for CVE-2012-2134 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-2134 Oracle Linux 5 [2.6.18-308.8.1.0.1.el5] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-308.8.1.el5] - [net] sock: validate data_len before allocating skb in sock_alloc_send_pskb() (Jason Wang) [816290 816106] {CVE-2012-2136} - [net] tg3: Fix VLAN tagging assignments (John Feeney) [817691 797011] - [net] ixgbe: do not stop stripping VLAN tags in promiscuous mode (Andy Gospodarek) [809791 804800] - [s390] zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (Hendrik Brueckner) [810123 808489] - [x86] unwind information fix for the vsyscall DSO (Prarit Bhargava) [807930 805799] [2.6.18-308.7.1.el5] - [fs] epoll: Don't limit non-nested epoll paths (Jason Baron) [809380 804778] [2.6.18-308.6.1.el5] - [scsi] fc class: fix scanning when devs are offline (Mike Christie) [816684 799530] - [md] dm-multipath: delay retry of bypassed pg (Mike Christie) [816684 799530] - [net] bonding: properly unset current_arp_slave on slave link up (Veaceslav Falico) [811927 800575] - [net] bonding: remove {master,vlan}_ip and query devices instead (Andy Gospodarek) [810321 772216] [2.6.18-308.5.1.el5] - [scsi] skip sense logging for some ATA PASS-THROUGH cdbs (David Milburn) [807265 788777] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-2136 Oracle Linux 5 [2.6.18-308.8.1.el5] - [net] sock: validate data_len before allocating skb in sock_alloc_send_pskb() (Jason Wang) [816290 816106] {CVE-2012-2136} - [net] tg3: Fix VLAN tagging assignments (John Feeney) [817691 797011] - [net] ixgbe: do not stop stripping VLAN tags in promiscuous mode (Andy Gospodarek) [809791 804800] - [s390] zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (Hendrik Brueckner) [810123 808489] - [x86] unwind information fix for the vsyscall DSO (Prarit Bhargava) [807930 805799] [2.6.18-308.7.1.el5] - [fs] epoll: Don't limit non-nested epoll paths (Jason Baron) [809380 804778] [2.6.18-308.6.1.el5] - [scsi] fc class: fix scanning when devs are offline (Mike Christie) [816684 799530] - [md] dm-multipath: delay retry of bypassed pg (Mike Christie) [816684 799530] - [net] bonding: properly unset current_arp_slave on slave link up (Veaceslav Falico) [811927 800575] - [net] bonding: remove {master,vlan}_ip and query devices instead (Andy Gospodarek) [810321 772216] [2.6.18-308.5.1.el5] - [scsi] skip sense logging for some ATA PASS-THROUGH cdbs (David Milburn) [807265 788777] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-2136 Oracle Linux 5 Oracle Linux 6 [1.0.0-20.5] - fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686) - properly initialize tkeylen in the CVE-2012-0884 fix MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2333 Oracle Linux 6 [1:3.2.1-19.6.0.1.el6_2.7] - Replaced RedHat colors with Oracle colors, OOO_VENDOR with Oracle Corp., and the filename redhat.soc with oracle.soc in specfile [1:3.2.1-19.6.7] - Resolves: CVE-2012-2334 Integer overflow leading to buffer overflow by processing invalid Escher graphics records length in the Powerpoint documents [1:3.2.1-19.6.6] - Resolves: CVE-2012-1149 Integer overflows, leading to heap-buffer overflows in JPEG, PNG and BMP reader implementations IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-1149 CVE-2012-2334 Oracle Linux 5 Oracle Linux 6 firefox: [10.0.5-1.0.1.el6_2] - Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js [10.0.5-1] - Update to 10.0.5 ESR xulrunner: [10.0.5-1.0.1.el6_2] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.5-1] - Update to 10.0.5 ESR [10.0.4-2] - Added patch for mozbz#703633 CRITICAL Copyright 2012 Oracle, Inc. CVE-2011-3101 CVE-2012-1937 CVE-2012-1938 CVE-2012-1939 CVE-2012-1940 CVE-2012-1941 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-1947 Oracle Linux 6 [10.0.5-2.0.1.el6_2] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [10.0.5-2] - Update to 10.0.5 ESR CRITICAL Copyright 2012 Oracle, Inc. CVE-2011-3101 CVE-2012-1937 CVE-2012-1938 CVE-2012-1939 CVE-2012-1940 CVE-2012-1941 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-1947 Oracle Linux 5 Oracle Linux 6 [32:9.7.3-8.P3.3] - fix CVE-2012-1667 and CVE-2012-1033 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-1033 CVE-2012-1667 Oracle Linux 5 [32:9.7.0-10.P2.1] - fix CVE-2012-1667 and CVE-2012-1033 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-1033 CVE-2012-1667 Oracle Linux 5 kernel: [2.6.18-308.8.2.0.1.el5] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] +- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-308.8.2.el5] - [xen] x86_64: check address on trap handlers or guest callbacks (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86_64: Do not execute sysret with a non-canonical return address (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86: prevent hv boot on AMD CPUs with Erratum 121 (Laszlo Ersek) [824969 824970] ocfs2: [1.4.10] - ocfs2/dlm: Cleanup mlogs in dlmthread.c dlmast.c and dlmdomain.c - ocfs2/dlm: make existing convertion precedent over new lock - ocfs2/dlm: Cleanup dlmdebug.c - ocfs2/dlm: Minor cleanup - ocfs2/dlm: Hard code the values for enums - ocfs2: Wakeup down convert thread just after clearing OCFS2 LOCK UPCONVERT FINISHING - ocfs2/dlm: Take inflight reference count for remotely mastered resources too - ocfs2/dlm: dlmlock remote needs to account for remastery - ocfs2: Add some trace log for orphan scan - ocfs2: Remove unused old id in ocfs2_commit_cache - ocfs2: Remove obsolete comments before ocfs2_start_trans - ocfs2: Initialize the bktcnt variable properly and call it bucket_count - ocfs2: Use cpu to le16 for e leaf clusters in ocfs2_bg_discontig_add_extent - ocfs2: validate bg free bits count after update - ocfs2: cluster Pin the remote node item in configfs - ocfs2: Release buffer head in case of error in ocfs2_double_lock - ocfs2: optimize ocfs2 check dir entry with unlikely() annotations - ocfs2: Little refactoring against ocfs2 iget - ocfs2: Initialize data ac might be used uninitializ - ocfs2 Skip mount recovery for hard ro mounts - ocfs2: make direntry invalid when deleting it - ocfs2: commit trans in error - ocfs2: Fix deadlock when allocating page - ocfs2: Avoid livelock in ocfs2 readpage IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-0217 CVE-2012-2934 Oracle Linux 5 kernel: [2.6.18-308.8.2.el5] - [xen] x86_64: check address on trap handlers or guest callbacks (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86_64: Do not execute sysret with a non-canonical return address (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86: prevent hv boot on AMD CPUs with Erratum 121 (Laszlo Ersek) [824969 824970] ocfs2: [1.4.10] - ocfs2/dlm: Cleanup mlogs in dlmthread.c dlmast.c and dlmdomain.c - ocfs2/dlm: make existing convertion precedent over new lock - ocfs2/dlm: Cleanup dlmdebug.c - ocfs2/dlm: Minor cleanup - ocfs2/dlm: Hard code the values for enums - ocfs2: Wakeup down convert thread just after clearing OCFS2 LOCK UPCONVERT FINISHING - ocfs2/dlm: Take inflight reference count for remotely mastered resources too - ocfs2/dlm: dlmlock remote needs to account for remastery - ocfs2: Add some trace log for orphan scan - ocfs2: Remove unused old id in ocfs2_commit_cache - ocfs2: Remove obsolete comments before ocfs2_start_trans - ocfs2: Initialize the bktcnt variable properly and call it bucket_count - ocfs2: Use cpu to le16 for e leaf clusters in ocfs2_bg_discontig_add_extent - ocfs2: validate bg free bits count after update - ocfs2: cluster Pin the remote node item in configfs - ocfs2: Release buffer head in case of error in ocfs2_double_lock - ocfs2: optimize ocfs2 check dir entry with unlikely() annotations - ocfs2: Little refactoring against ocfs2 iget - ocfs2: Initialize data ac might be used uninitializ - ocfs2 Skip mount recovery for hard ro mounts - ocfs2: make direntry invalid when deleting it - ocfs2: commit trans in error - ocfs2: Fix deadlock when allocating page - ocfs2: Avoid livelock in ocfs2 readpage IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-0217 CVE-2012-2934 Oracle Linux 6 [1:1.6.0.0-1.48.1.11.3] - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz#828751 [1:1.6.0.0-1.47.1.11.3] - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added also to package.definition - Resolves: rhbz#828751 [1:1.6.0.0-1.46.1.11.3] - Sync with 6.3: - Bump to IcedTea6 1.11.3 - With removed patch8 - java-1.6.0-openjdk-jirafix_2820_2821.patch - Including patch7 - java-1.6.0-openjdk-jstack.patch - Including patch3, java-1.6.0-openjdk-java-access-bridge-security.patch modification - Resolves: rhbz#828751 CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 Oracle Linux 5 [1.6.0.0-1.27.1.10.8.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.27.1.10.8] - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added also to package.definition - Resolves: rhbz#828749 [1:1.6.0.0-1.26.1.10.8] - Updated to IcedTea6 1.10.8 - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added to patch - Resolves: rhbz#828749 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 Oracle Linux 5 Oracle Linux 6 [2.0.1-11] - use symbol version for XML_SetHashSalt (CVE-2012-0876, #816306) [2.0.1-10] - add security fix for CVE-2012-1148 (#811825) - add security fix for CVE-2012-0876 (#811833) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0876 CVE-2012-1148 Oracle Linux 6 [2.6.32-220.23.1.el6] - [net] bond: Make LRO flag follow slave settings (Neil Horman) [831176 794647] [2.6.32-220.22.1.el6] - [net] ipv4/netfilter: TCP and raw fix for ip_route_me_harder (Jiri Benc) [824429 812108] [2.6.32-220.21.1.el6] - [security] fix compile error in commoncap.c (Eric Paris) [806725 806726] {CVE-2012-2123} - [security] fcaps: clear the same personality flags as suid when fcaps are used (Eric Paris) [806725 806726] {CVE-2012-2123} - [net] rds: fix rds-ping inducing kernel panic (Jay Fenlason) [822757 803936] {CVE-2012-2372} - [net] sock: validate data_len before allocating skb in sock_alloc_send_pskb() (Jason Wang) [816292 814504] {CVE-2012-2136} - [virt] kvm: Fix buffer overflow in kvm_set_irq() (Avi Kivity) [816154 816155] {CVE-2012-2137} - [drm] integer overflow in drm_mode_dirtyfb_ioctl() (Dave Airlie) [773249 773250] {CVE-2012-0044} - [net] netfilter: Fix ip_route_me_harder triggering ip_rt_bug (Jiri Benc) [824429 812108] - [net] netfilter/tproxy: do not assign timewait sockets to skb->sk (Jiri Benc) [824429 812108] - [virt] xenpv: avoid paravirt __pmd in read_pmd_atomic (Andrew Jones) [823903 822697] - [infiniband] mlx4: fix RoCE oops (Doug Ledford) [799946 749059] - [mm] read_pmd_atomic: fix pmd_populate SMP race condition (Andrea Arcangeli) [822824 820762] {CVE-2012-2373} - [infiniband] mlx4: check return code and bail on error (Doug Ledford) [799946 749059] - [infiniband] mlx4: use locking when walking netdev list (Doug Ledford) [799946 749059] - [mm] thp: fix pmd_bad() triggering in code paths holding mmap_sem read mode (Andrea Arcangeli) [803808 800328] {CVE-2012-1179} [2.6.32-220.20.1.el6] - [vhost] net: fix possible NULL pointer dereference of vq->bufs (Jason Wang) [814286 814288] {CVE-2012-2119} - [net] macvtap: validate zerocopy vectors before building skb (Jason Wang) [814286 814288] {CVE-2012-2119} - [net] macvtap: set SKBTX_DEV_ZEROCOPY only when skb is built successfully (Jason Wang) [814286 814288] {CVE-2012-2119} - [net] macvtap: put zerocopy page when fail to get all requested user pages (Jason Wang) [814286 814288] {CVE-2012-2119} - [net] macvtap: fix zerocopy offset calculation when building skb (Jason Wang) [814286 814288] {CVE-2012-2119} - [net] bonding: remove entries for master_ip and vlan_ip and query devices instead (Andy Gospodarek) [816197 810299] - [virt] KVM: lock slots_lock around device assignment (Alex Williamson) [814154 811653] {CVE-2012-2121} - [virt] kvm: unmap pages from the iommu when slots are removed (Alex Williamson) [814154 811653] {CVE-2012-2121} - [virt] xenfv: fix hangs when kdumping (Andrew Jones) [812953 811815] - [s390x] zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (Hendrik Brueckner) [810125 808487] - [drm] i915: suspend fbdev device around suspend/hibernate (Dave Airlie) [818503 746169] - [fs] tmpfs: fix off-by-one in max_blocks checks (Eric Sandeen) [809399 783497] - [net] bonding: Allow Bonding driver to disable/enable LRO on slaves (Neil Horman) [818504 772317] - [virt] xen-blkfront: conditionally drop name and minor adjustments for emulated scsi devs (Laszlo Ersek) [818505 729586] - [virt] xen-blk: plug device number leak on error path in xlblk_init (Laszlo Ersek) [818505 729586] [2.6.32-220.19.1.el6] - [pci] Fix unbootable HP DL385G6 on 2.6.32-220 by properly disabling pcie aspm (Dave Wysochanski) [819614 769626] [2.6.32-220.18.1.el6] - [netdrv] iwlwifi: add option to disable 5Ghz band (Stanislaw Gruszka) [816226 812259] - [netdrv] iwlwifi: cancel scan before nulify ctx->vif (Stanislaw Gruszka) [816225 801730] - [netdrv] iwlwifi: do not nulify ctx->vif on reset (Stanislaw Gruszka) [816225 801730] - [net] mac80211: workaround crash at ieee80211_mgd_probe_ap_send (Stanislaw Gruszka) [814657 808095] - [net] bonding: 802.3ad - fix agg_device_up (Veaceslav Falico) [817466 806081] - [scsi] st: fix memory leak with 1MB tape I/O (David Milburn) [816271 811703] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-2121 CVE-2012-2136 CVE-2012-0044 CVE-2012-1179 CVE-2012-2119 CVE-2012-2123 CVE-2012-2137 CVE-2012-2372 CVE-2012-2373 Oracle Linux 6 [2.6.6-29.el6_2.2] - if hash randomization is enabled, also enable it within pyexpat Resolves: CVE-2012-0876 [2.6.6-29.el6_2.1] - distutils.config: create ~/.pypirc securely Resolves: CVE-2011-4944 - fix endless loop in SimpleXMLRPCServer upon malformed POST request Resolves: CVE-2012-0845 - send encoding in SimpleHTTPServer.list_directory to protect IE7 against potential XSS attacks Resolves: CVE-2011-4940 - oCERT-2011-003: add -R command-line option and PYTHONHASHSEED environment variable, to provide an opt-in way to protect against denial of service attacks due to hash collisions within the dict and set types Resolves: CVE-2012-1150 MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4940 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 Oracle Linux 5 [2.4.3-46.el5_8.2] - if hash randomization is enabled, also enable it within pyexpat Resolves: CVE-2012-0876 [2.4.3-46.el5_8.1] - distutils.commands.register: create ~/.pypirc securely Resolves: CVE-2011-4944 - send encoding in SimpleHTTPServer.list_directory to protect IE7 against potential XSS attacks Resolves: CVE-2011-4940 - oCERT-2011-003: add -R command-line option and PYTHONHASHSEED environment variable, to provide an opt-in way to protect against denial of service attacks due to hash collisions within the dict and set types Resolves: CVE-2012-1150 MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4940 CVE-2011-4944 CVE-2012-1150 Oracle Linux 6 [libvirt-0.9.10-21.0.1.el6] - Replace docs/et.png in tarball with blank image [libvirt-0.9.10-21.el6] - qemu: Rollback on used USB devices (rhbz#743671) - qemu: Dont delete USB device on failed qemuPrepareHostdevUSBDevices (rhbz#743671) - Revert 'rpc: Discard non-blocking calls only when necessary' (rhbz#821468) [libvirt-0.9.10-20.el6] - Fix virDomainDeviceInfoIsSet() to check all struct fields (rhbz#820869) - Fix logic for assigning PCI addresses to USB2 companion controllers (rhbz#820869) - Set a sensible default master start port for ehci companion controllers (rhbz#820869) [libvirt-0.9.10-19.el6] - build: Fix the typo in configure.ac (rhbz#820461) - qemu: Fix build when !HAVE_NUMACTL (rhbz#820461) - usb: Fix crash when failing to attach a second usb device (rhbz#815755) - qemu: Use the CPU index in capabilities to map NUMA node to cpu list. (rhbz#820461) - qemu: Set memory policy using cgroup if placement is auto (rhbz#820461) [libvirt-0.9.10-18.el6] - numad: Set memory policy from numad advisory nodeset (rhbz#810157) [by default (rhbz#810157)] [(rhbz#810157)] - qemu: Avoid the memory allocation and freeing (rhbz#810157) - numad: Divide cur_balloon by 1024 before passing it to numad (rhbz#810157) - numad: Check numactl-devel if compiled with numad support (rhbz#810157) [libvirt-0.9.10-17.el6] - qemu: Dont modify domain on failed blockiotune (rhbz#819014) - qemu: Reject blockiotune if qemu too old (rhbz#819014) - qemu: Dont use virDomainDefFormat* directly (rhbz#815503) - qemu: Emit compatible XML when migrating a domain (rhbz#815503) - usb: Create functions to search usb device accurately (rhbz#815755) - qemu: Call usb search function for hostdev initialization and hotplug (rhbz#815755) - virsh: Avoid heap corruption leading to virsh abort (rhbz#819636) - util: Fix libvirtd startup failure due to netlink error (rhbz#816465) - util: Allow specifying both src and dst pid in virNetlinkCommand (rhbz#816465) - util: Function to get local nl_pid used by netlink event socket (rhbz#816465) - util: Set src_pid for virNetlinkCommand when appropriate (rhbz#816465) - domain_conf: Add 'usbredir' to list of valid spice channels (rhbz#819498) - domain_conf: Add 'default' to list of valid spice channels (rhbz#819499) - snapshot: Allow block devices past cgroup (rhbz#810200) - blockjob: Allow block devices past cgroup (rhbz#810200) - util: Avoid libvirtd crash in virNetDevTapCreate (rhbz#817234) - python: Fix the forward_null error in Python binding codes (rhbz#771021) - xen: Fix resource leak in xen driver (rhbz#771021) - test: Fix resource leak in test driver (rhbz#771021) - node: Fix resource leak in nodeinfo.c (rhbz#771021) - virnet: Fix resource leak in virnetlink.c (rhbz#771021) - vmx: Fix resource leak (rhbz#771021) - qemu: Fix resource leak (rhbz#771021) - uuid: Fix possible non-terminated string (rhbz#771021) - node_device: Fix possible non-terminated string (rhbz#771021) [libvirt-0.9.10-16.el6] - qemuOpenFile: Dont force chown on NFS (rhbz#810241) - util: Fix crash when starting macvtap interfaces (rhbz#815270) - qemu: Fix segfault when host CPU is empty (rhbz#817078) - blockjob: Allow speed setting in block copy (rhbz#815791) - blockjob: Fix block-stream bandwidth race (rhbz#815791) [libvirt-0.9.10-15.el6] - qemu: Improve errors related to offline domains (rhbz#816662) - blockjob: Check for active vm before checking blockcopy bits (rhbz#816662) - qemu: Preserve original error during migration (rhbz#807907) - rpc: Discard non-blocking calls only when necessary (rhbz#807907) - qemu: Fix detection of failed migration (rhbz#807907) - qemu: Avoid bogus error at the end of tunnelled migration (rhbz#807907) - qemu: Make sure qemu can access its directory in hugetlbfs (rhbz#815206) - virsh: Fix docs for list command (rhbz#814021) - virsh: Fix and clarify the --title flag for the list command in man page (rhbz#814021) [libvirt-0.9.10-14.el6] - blockjob: Add new API flags (rhbz#638506) - blockjob: Add 'blockcopy' to virsh (rhbz#638506) - blockjob: Enhance xml to track mirrors across libvirtd restart (rhbz#638506) - blockjob: React to active block copy (rhbz#638506) - blockjob: Add qemu capabilities related to block jobs (rhbz#638506) - blockjob: Return appropriate event and info (rhbz#638506) - blockjob: Support pivot operation on cancel (rhbz#638506) - blockjob: Make drive-reopen safer (rhbz#638506) - blockjob: Implement block copy for qemu (rhbz#638506) - blockjob: Allow for existing files (rhbz#638506) - blockjob: Allow mirroring under SELinux (rhbz#638506) - blockjob: Accommodate RHEL backport names (rhbz#638506) - virsh: Avoid strtol (rhbz#813972) - conf: Tighten up XML integer parsing (rhbz#813972) - snapshot: Fix memory leak on error (rhbz#782457) - virsh: Avoid uninitialized memory usage (rhbz#814080) [libvirt-0.9.10-13.el6] - Fix a problem in the patchset, rhbz#811497 one was applied twice in -12 - qemu, util: On restart of libvirt restart vepa callbacks (rhbz#812430) - qemu, util: Fix netlink callback registration for migration (rhbz#812430) - util: Only register callbacks for CREATE operations in virnetdevmacvlan.c (rhbz#812430) [libvirt-0.9.10-12.el6] - blockjob: Add qemu capabilities related to block pull jobs (rhbz#811683) - blockjob: Add API for async virDomainBlockJobAbort (rhbz#811683) - blockjob: Optimize JSON event handler lookup (rhbz#811683) - blockjob: Wire up qemu async virDomainBlockJobAbort (rhbz#811683) - blockjob: Allow for fast-finishing job (rhbz#811683) - virsh: Minor syntactic cleanups (rhbz#811683) - qemu: Use consistent error when qemu binary is too old (rhbz#811683) - blockjob: Add virsh blockpull --wait (rhbz#811683) - qemu: Fix deadlock when qemuDomainOpenConsole cleans up a connection (rhbz#811497) - qemu: Fix deadlock when qemuDomainOpenConsole cleans up a connection (rhbz#811497) - qemu: Fix mem leak in qemuProcessInitCpuAffinity (rhbz#810157) - numad: Convert node list to cpumap before setting affinity (rhbz#810157) - numad: Ignore cpuset if placement is auto (rhbz#810157) - conf: Do not parse cpuset only if the placement is auto (rhbz#810157) [libvirt-0.9.10-11.el6] - test: Fix segfault in networkxml2argvtest (rhbz#810100) - conf: Plug memory leaks on virDomainDiskDefParseXML (rhbz#575160) - qemu_ga: Dont overwrite errors on FSThaw (rhbz#808527) - Fix parallel build in docs/ directory (rhbz#810559) - qemu: Make migration fail when port profile association fails on the dst host (rhbz#811026) [to set the QEMU BIOS path (rhbz#811227)] [libvirt-0.9.10-10.el6] - python: Add new helper functions for python to C conversion (rhbz#807751) - python: Make python APIs use these helper functions (rhbz#807751) - python: Improve conversion validation (rhbz#807751) - qemu_agent: Issue guest-sync prior to every command (rhbz#808527) - qemu: Fix memory leak in virDomainGetVcpus (rhbz#808979) - qemu: Reflect any memory rounding back to xml (rhbz#808522) - conf: Allow fuzz in XML with cur balloon > max (rhbz#808522) - qemu: Start nested job in qemuDomainCheckEjectableMedia (rhbz#803186) - virsh: Clarify escape sequence (rhbz#808652) - virsh: Plug memory leaks on failure path (rhbz#807555) - conf: Prevent crash of libvirtd without channel target name (rhbz#808371) - qemu: Dont leak temporary list of USB devices (rhbz#808459) - qemu: Delete USB devices used by domain on stop (rhbz#808459) - qemu: Build activeUsbHostdevs list on process reconnect (rhbz#808459) - qemu: Fix virtio+macvtap migration from 6.3 to older hosts (rhbz#806633) [libvirt-0.9.10-9.el6] - qemu: Avoid entering monitor with locked driver (rhbz#803186) - snapshot: Dont pass NULL to QMP command creation (rhbz#807147) [libvirt-0.9.10-8.el6] - rebuild, forgot to apply part of the patch - spec: Add missed dependancy for numad (rhbz#769930) [libvirt-0.9.10-7.el6] - snapshot: Make quiesce a bit safer (rhbz#804210) - python: Avoid memory leaks on libvirt_virNodeGetMemoryStats (rhbz#770944) - qemu: Use unlimited speed when migrating to file (rhbz#740099) - qemu: Add support for domain cleanup callbacks (rhbz#795305) - qemu: Avoid dangling migration-in job on shutoff domains (rhbz#795305) - qemu: Add connection close callbacks (rhbz#795305) - qemu: Make autodestroy utilize connection close callbacks (rhbz#795305) - qemu: Avoid dangling migration-out job when client dies (rhbz#795305) - python: Avoid memory leaks on libvirt_virNodeGetCPUStats (rhbz#770943) - util: Consolidate duplicated error messages in virnetlink.c (rhbz#693842) - python: Add virDomainGetCPUStats python binding API (rhbz#800366) - snapshot: Add qemu capability for 'transaction' command (rhbz#782457) - snapshot: Add atomic create flag (rhbz#782457) - snapshot: Make offline qemu snapshots atomic (rhbz#782457) - snapshot: Rudimentary qemu support for atomic disk snapshot (rhbz#782457) - snapshot: Add support for qemu transaction command (rhbz#782457) - snapshot: Wire up qemu transaction command (rhbz#782457) - snapshot: Improve qemu handling of reused snapshot targets (rhbz#782457) - Clarify virsh freecell manpage entry (rhbz#698521) - Add support for event tray moved of removable disks (rhbz#575160) - docs: Add documentation for new attribute tray of disk target (rhbz#575160) - conf: Parse and for the tray attribute (rhbz#575160) - qemu: Do not start with source for removable disks if tray is open (rhbz#575160) - qemu: Prohibit setting tray status as open for block type disk (rhbz#575160) - qemu: Update tray status while tray moved event is emitted (rhbz#575160) - build: Fix incorrect enum declaration (rhbz#575160) - spec: Add missed dependancy for numad (rhbz#769930) [libvirt-0.9.10-6.el6] - cpu: Add new flag supported by qemu to the cpu definition (rhbz#767364) - Added support for AMD Bulldozer CPU (rhbz#767364) - graphics: Cleanup port policy (rhbz#801443) - qemu: Reverse condition in qemuDomainCheckDiskPresence (rhbz#798938) - cpu: Add cpu definition for Intel Sandy Bridge cpu type (rhbz#761005) - cpu: Disable tsc-deadline feature not supported in qemu on RHEL 6.3 (rhbz#761005) - qemu: Support numad (rhbz#769930) - numad: Fix typo and warning (rhbz#769930) - qemu: Use scsi-block for lun passthrough instead of scsi-disk (rhbz#782034) - util: Make virDomainLeaseDefFree global (rhbz#802851) - qemu: Dont 'remove' hostdev objects from domain if operation fails (rhbz#802851) - util: Eliminate device object leaks related to virDomain*Remove*() (rhbz#802851) - virsh: Fix invalid free (rhbz#803591) - qemu: Eliminate memory leak in qemuDomainUpdateDeviceConfig (rhbz#802854) [devices (rhbz#802856)] - qemu: Fix segfault when detaching non-existent network device (rhbz#802644) - remote: Fix migration leaks (rhbz#798497) - virsh: Trim aliases from -h output (rhbz#796526) - Fix handling of blkio deviceWeight empty string (rhbz#804028) [libvirt-0.9.10-5.el6] - Avoid global variable shadowed (rhbz#737726) - Add nodeGetCPUmap() for getting available CPU IDs in a cpumap. (rhbz#737726) - Qemu driver for virDomainGetCPUstats using cpuacct cgroup. (rhbz#737726) - Cpu-stats command shows cpu statistics information of a domain. (rhbz#737726) - Ensure max_id is initialized in linuxParseCPUmap() (rhbz#737726) - rpc: Allow truncated return for virDomainGetCPUStats (rhbz#737726) - qemu: Dont parse device twice in attach/detach (rhbz#770031) - sanlock: Fix condition left crippled while debugging (rhbz#785736) - sanlock: Use STREQ_NULLABLE instead of STREQ on strings that may be null (rhbz#785736) - qemu: Fix startupPolicy for snapshot-revert (rhbz#798938) - util: Dont overflow on errno in virFileAccessibleAs (rhbz#798938) - blockResize: Add flag for bytes (rhbz#796526) - docs: Use correct terminology for 1024 bytes (rhbz#796526) - api: Add overflow error (rhbz#796526) - util: New function for scaling numbers (rhbz#796526) - xml: Share 'unit' in RNG (rhbz#796526) - xml: Output memory unit for clarity (rhbz#796526) - storage: Support more scaling suffixes (rhbz#796526) - xml: Drop unenforced minimum memory limit from RNG (rhbz#796526) - xml: Use long long internally, to centralize overflow checks (rhbz#796526) - xml: Use better types for memory values (rhbz#796526) - xml: Allow scaled memory on input (rhbz#796526) - virsh: Add option aliases (rhbz#796526) - virsh: Use option aliases (rhbz#796526) - virsh: Add command aliases, and rename nodedev-detach (rhbz#796526) - virsh: Improve storage unit parsing (rhbz#796526) - virsh: Improve memory unit parsing (rhbz#796526) - qemuBuildCommandLine: Dont add tlsPort if none set (rhbz#801443) - Removed more AMD-specific features from cpu64-rhel* models (rhbz#768450) - qemu: Support disk filenames with comma (rhbz#801970) - cpustats: Collect VM user and sys times (miss python bindings) (rhbz#800366) - cpustats: Report user and sys times (rhbz#800366) - qemu: Fix (managed)save and snapshots with host mode CPU (rhbz#801160) - qemu: Make block io tuning smarter (rhbz#770683) [libvirt-0.9.10-4.el6] - Improve error reporting when virsh console is run without a TTY (rhbz#729940) - pidfile: Make checking binary path in virPidFileRead optional (rhbz#729940) - Add flags for virDomainOpenConsole (rhbz#729940) - virsh: Add support for VIR_DOMAIN_CONSOLE_* flags (rhbz#729940) - fdstream: Emit stream abort callback even if poll() doesnt. (rhbz#729940) - fdstream: Add internal callback on stream close (rhbz#729940) - util: Add helpers for safe domain console operations (rhbz#729940) - qemu: Add ability to abort existing console while creating new one (rhbz#729940) - Fixed service handling in specfile (rhbz#786770) - qemu: Dont emit tls-port spice option if port is -1 (rhbz#798220) - docs: Comments wiping supported algorithms (rhbz#725013) - libvirt-guests: Add documentation and clean up to use virshs improved list (rhbz#693758) - libvirt-guests: Dont try to do a managed-save of transient guests (rhbz#693758) - virsh: Enhance list command to ease creation of shell scripts (rhbz#693758) - libvirt-guests: Check if URI is reachable before launching commands (rhbz#720691) - hooks: Add support for capturing hook output (rhbz#795127) - qemu: Add pre-migration hook (rhbz#795127) - Support for cpu64-rhel* qemu cpu models (rhbz#768450) - util: Add netlink event handling to virnetlink.c (rhbz#693842) - Add de-association handling to macvlan code (rhbz#693842) - qemu: Add ibmvscsi controller model (rhbz#782034) - qemu: Add virtio-scsi controller model (rhbz#782034) - conf: Add helper function to look up disk controller model (rhbz#782034) - conf: Introduce new attribute for device address format (rhbz#782034) - qemu: New cap flag to indicate if channel is supported by scsi-disk (rhbz#782034) - qemu: Build command line for the new address format (rhbz#782034) - tests: Add tests for virtio-scsi and ibmvscsi controllers (rhbz#782034) - virsh: Two new helper functions for disk device changes (rhbz#713932) - virsh: Use vshFindDisk and vshPrepareDiskXML in cmdDetachDisk (rhbz#713932) - virsh: New command cmdChangeMedia (rhbz#713932) - qemu: Require json for block jobs (rhbz#799055) - qemu: Pass block pull backing file to monitor (rhbz#799055) - virsh: Expose partial pull (rhbz#799055) - libvirt-guests: Add parallel startup and shutdown of guests (rhbz#625362) - qemu: Shared or readonly disks are always safe wrt migration (rhbz#751631) - util: Eliminate crash in virNetDevMacVLanCreateWithVPortProfile (rhbz#693842) - rpc: Fix client crash on connection close (rhbz#800185) - conf: Add missing device types to virDomainDevice(Type|Def) (rhbz#691539) - conf: Relocate virDomainDeviceDef and virDomainHostdevDef (rhbz#691539) - conf: Reorder static functions in domain_conf.c (rhbz#691539) - qemu: Rename virDomainDeviceInfoPtr variables to avoid confusion (rhbz#691539) - conf: Add device pointer to args of virDomainDeviceInfoIterate callback (rhbz#691539) - conf: Make hostdev info a separate object (rhbz#691539) - conf: HostdevDef parse/format helper functions (rhbz#691539) - conf: Give each hostdevdef a parent pointer (rhbz#691539) - conf: Put subsys part of virDomainHostdevDef into its own struct (rhbz#691539) - conf: Hostdev utility functions (rhbz#691539) - qemu: Re-order functions in qemu_hotplug.c (rhbz#691539) - qemu: Refactor hotplug detach of hostdevs (rhbz#691539) - conf: Parse/format type='hostdev' network interfaces (rhbz#691539) - qemu: Support type='hostdev' network devices at domain start (rhbz#691539) - conf: Change virDomainNetRemove from static to global (rhbz#691539) - qemu: Use virDomainNetRemove instead of inline code (rhbz#691539) - qemu: Support type=hostdev network device live hotplug attach/detach (rhbz#691539) - util: Two new pci util functions (rhbz#691539) - util: Support functions for mac/portprofile associations on hostdev (rhbz#691539) - util: Changes to support portprofiles for hostdevs (rhbz#691539) - qemu: Install port profile and mac address on netdev hostdevs (rhbz#691539) - Fix build after commit e3ba4025 (rhbz#693842) [libvirt-0.9.10-3.el6] - storage: Allow runtime detection of scrub missing build dep (rhbz#725013) - daemon: Plug memory leak (rhbz#795978) - daemon: Fix logic bug with virAsprintf (rhbz#795978) - util: Fix virFileAccessibleAs return path from parent (rhbz#795093) - Add support for unsafe migration (rhbz#751631) - virsh: Add --unsafe option to migrate command (rhbz#751631) - Introduce virStorageFileIsClusterFS (rhbz#751631) - qemu: Forbid migration with cache != none (rhbz#751631) - qemu: Nicer error message on failed graceful destroy (rhbz#795656) - Error out when using SPICE TLS with spice_tls=0 (rhbz#790436) - Revert 'spec: Mark directories in /var/run as ghosts' (rhbz#788985) - Fixed URI parsing (rhbz#785164) - virsh: Fix informational message in iface-bridge command (rhbz#797066) [libvirt-0.9.10-2.el6] - qemu: Set capabilities based on supported monitor commands (rhbz#766958) - qemu: Implement DomainPMSuspendForDuration (rhbz#766958) - snapshot: Fix snapshot deletion use-after-free (rhbz#790744) - storage: Allow runtime detection of scrub (rhbz#725013) - qemu: Unlock monitor when connecting to dest qemu fails (rhbz#783968) - qemu: Prevent crash of libvirtd without guest agent (rhbz#790745) - python: Expose virDomain{G,S}etInterfaceParameters APIs in python binding (rhbz#770971) [libvirt-0.9.10-1.el6] - Rebase to upstream 0.9.10 (rhbz#752433) - Add support for sVirt in the LXC driver - block rebase: add new API virDomainBlockRebase - API: Add api to set and get domain metadata - virDomainGetDiskErrors public API - conf: add rawio attribute to disk element of domain XML - Add new public API virDomainGetCPUStats() - Introduce virDomainPMSuspendForDuration API - resize: add virStorageVolResize() API - Add a virt-host-validate command to sanity check HV config - Add new virDomainShutdownFlags API - QEMU guest agent support - many improvements and bug fixes [libvirt-0.9.10-0rc2.el6] - Rebase to upstream 0.9.10 release candidate 2 (rhbz#752433) [libvirt-0.9.10-0rc1.el6] - Rebase to upstream 0.9.10 release candidate 1 (rhbz#752433) [libvirt-0.9.9-2.el6] - Remove dependancy to dmidecode for non PC arches (rhbz#782444) [libvirt-0.9.9-1.el6] - Rebase to upstream 0.9.9 (rhbz#752433) [libvirt-0.9.9-0rc1.el6] - Rebase to upstream 0.9.9 release candidate 1 (rhbz#752433) [libvirt-0.9.8-1.el6] - Rebase to upstream 0.9.8 (rhbz#752433) - some cleanups on the few remaining RHEL-only patches [libvirt-0.9.8-0rc2.el6] - Rebase to upstream 0.9.8 release candidate 2 (rhbz#752433) LOW Copyright 2012 Oracle, Inc. CVE-2012-2693 Oracle Linux 6 [1:1.16.19-1] - Rebase to libguestfs 1.16.19 resolves: rhbz#719879 - Rebuild against augeas 0.9.0-3.el6 related: rhbz#808662 - Fix: Don't abort inspection if mdadm.conf ARRAY doesn't have a uuid. - Switch back to git for patch management. [1:1.16.18-2] - Rebase to libguestfs 1.16.18 resolves: rhbz#719879 - Fix: guestfs_last_error not set when qemu fails early during launch resolves: rhbz#811673 - Fix: RFE: virt-sysprep: hostname can not be changed on rhel system (RHBZ#811112) - Fix: RFE: virt-sysprep: net-hwaddr not removed from ifcfg-* files on rhel (RHBZ#811117) - Fix: inspection fails on ubuntu 10.04 guest with encrypted swap (RHBZ#811872) - Fix: cannot open disk images which are symlinks to files that contain ':' (colon) character (RHBZ#812092) - BR gettext-devel so we can rerun autoconf. [1:1.16.15-1] - Rebase to libguestfs 1.16.15 resolves: rhbz#719879 - Fix: inspection doesn't recognize Fedora 17+ (RHBZ#809401) [1:1.16.14-1] - Rebase to libguestfs 1.16.14 resolves: rhbz#719879 - virt-sysprep should use virt-inspector2 resolves: rhbz#807557 - Fix: mkfs blocksize option breaks when creating btrfs resolves: rhbz#807905 [1:1.16.12-1] - Rebase to libguestfs 1.16.12 resolves: rhbz#719879 - Fix: could not locate HKLM\SYSTEM\MountedDevices resolves: rhbz#803699 [1:1.16.10-1] - Rebase to libguestfs 1.16.10 resolves: rhbz#719879 - Fix: libguestfs holds open file descriptors when handle is launched resolves: rhbz#801788 - Fix: Document for set-pgroup need to be updated resolves: rhbz#801273 - Fix: Possible null dereference and resource leaks resolves: rhbz#801298 [1:1.16.8-1] - Rebase to libguestfs 1.16.8 resolves: rhbz#719879 - Fix set_autosync function so it is not 'ConfigOnly' resolves: rhbz#796520 - Fix header compilation for C++ resolves: rhbz#799695 [1:1.16.6-1] - Rebase to libguesfs 1.16.6 resolves: rhbz#798197, rhbz#797760,rhbz#790958,rhbz#798980,rhbz#795322,rhbz#796520 - Fix virt-inspector2 man page. [1:1.16.5-1] - Rebase to libguestfs 1.16.5 resolves: rhbz#679737, rhbz#789960 [1:1.16.4-1] - Rebase to libguestfs 1.16.4 resolves: rhbz#788642 [1:1.16.3-1] - Rebase to libguestfs 1.16.3 resolves: rhbz#679737, rhbz#769359, rhbz#785305 [1:1.16.2-1] - Rebase to libguestfs 1.16.2 resolves: rhbz#719879 [1:1.16.1-1] - Rebase to libguestfs 1.16.1 - Disable tests (probably because we are hitting https://lists.gnu.org/archive/html/qemu-devel/2010-02/threads.html#00823 ) resolves: rhbz#719879 [1:1.14.7-4] - Continue with rebase to libguestfs 1.14.7 resolves: rhbz#719879 [1:1.14.7-1] - Rebase to libguestfs 1.14.7 resolves: rhbz#719879 LOW Copyright 2012 Oracle, Inc. CVE-2012-2690 Oracle Linux 6 [5.8.10-2] - add patch to update information on debugging in the man page Resolves: #820311 - add patch to prevent debug output to stdout after forking Resolves: #820996 - add patch to support ssl certificates with domain names longer than 128 chars Resolves: #822118 [5.8.10-1] - rebase to rsyslog 5.8.10 Resolves: #803550 Resolves: #805424 Resolves: #813079 Resolves: #813084 - consider lock file in 'status' action Resolves: #807608 - add impstats and imptcp modules - include new license text files - specify which versions of sysklogd are obsoleted [5.8.7-1] - rebase to rsyslog-5.8.7 - change license from 'GPLv3+' to '(GPLv3+ and ASL 2.0)' http://blog.gerhards.net/2012/01/rsyslog-licensing-update.html - remove patches obsoleted by rebase - add patches for better sysklogd compatibility (taken from upstream) - update included files for the new major version Resolves: #672182 Resolves: #727380 Resolves: #756664 Resolves: #767527 Resolves: #769025 - add several directories for storing auxiliary data Resolves: #740420 - fix source package URL MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4623 Oracle Linux 6 [1:1.15.1-15] - Fix btrfs support to findfs and related applets - Resolves: #751927 [1:1.15.1-14] - Resolves: #790335 'busybox various flaws' Added a fix for SEGV on empty command in hush [1:1.15.1-13] - Resolves: #790335 'busybox various flaws' including: 'buffer underflow in decompression' 'udhcpc insufficient checking of DHCP options' [1:1.15.1-12] - Backport 'set -o pipefail' support - Resolves: #782018 - Add btrfs support to findfs and related applets - Resolves: #751927 LOW Copyright 2012 Oracle, Inc. CVE-2006-1168 CVE-2011-2716 Oracle Linux 6 [3.1.9-2] - remove -devel package ISA multilib dependencies [3.1.9-1] - update to 3.1.9 (bugfix, stable) (#662655) - create -devel subpackage with header files - ship apc.php for easier referral in the config files LOW Copyright 2012 Oracle, Inc. CVE-2010-3294 Oracle Linux 6 [1.2.10.2-15] - Resolves: Bug 824014 - DS Shuts down intermittently [1.2.10.2-14] - Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress -- patch 0015 fixes a small memleak in previous patch [1.2.10.2-13] - Resolves: Bug 822700 - Bad DNs in ACIs can segfault ns-slapd [1.2.10.2-12] - Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress - Resolves: Bug 821542 - letters in object's cn get converted to lowercase when renaming object [1.2.10.2-11] - Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress - 1.2.10.2-10 was built from the private branch [1.2.10.2-10] - Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress [1.2.10.2-9] - Resolves: Bug 815991 - crash in ldap_initialize with multiple threads - previous fix was still crashing in ldclt [1.2.10.2-8] - Resolves: Bug 815991 - crash in ldap_initialize with multiple threads [1.2.10.2-7] - Resolves: Bug 813964 - IPA dirsvr seg-fault during system longevity test [1.2.10.2-6] - Resolves: Bug 811291 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV) - typo in previous patch [1.2.10.2-5] - Resolves: Bug 811291 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV) [1.2.10.2-4] - Resolves: Bug 803930 - ipa not starting after upgade because of missing data - get rid of posttrans - move update code to post [1.2.10.2-3] - Resolves: Bug 800215 - Certain CMP operations hang or cause ns-slapd to crash [1.2.10.2-2] - Resolves: Bug 800215 - Certain CMP operations hang or cause ns-slapd to crash - Resolves: Bug 800217 - fix valgrind reported issues [1.2.10.2-1] - Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10 - Resolves: Bug 796770 - crash when replicating orphaned tombstone entry [1.2.10.1-1] - Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10 - Resolves: Bug 790491 - 389 DS Segfaults during replica install in FreeIPA [1.2.10.0-1] - Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10 [1.2.10-0.11.rc2] - Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10 [1.2.9.16-1] - Bug 759301 - Incorrect entryUSN index under high load in replicated environment - Bug 743979 - Add slapi_rwlock API and use POSIX rwlocks - WARNING - patches 0030 and 0031 remove and add back the file configure - this is necessary because the merge commit to rebase RHEL-6 to 1.2.9.6 - seriously messed up configure - so in order to add the patch for 743979 - which also touched configure, the file had to be removed and added back - also note that the commit for the RHEL-6 branch to remove configure does - not work - the way patch works, it has to match every line exactly in - order to remove the file, and because the merge commit messed things - up, it doesn't work - So, DO NOT TOUCH 0030-remove-configure-to-get-rid-of-merge-conflict.patch - BECAUSE IT IS HAND CRAFTED and not generated by git format-patch - if you must regenerate this file, - git format-patch ...args... to generate a file in patch format - remove all of the patch matches (all the lines beginning with -) - get the 1.2.9.6 version of configure from the source tarball - wc -l configure to get the number of lines in the file - sed 's/^/-/' configure >> thefile.patch - edit thefile.patch to have the right number of lines and have the - patch commands in the correct place - PROFIT!!! [1.2.9.15-1] - Bug 752577 - crash when simple paged fails to send entry to client - Bug 757897 - rhds81 modrn operation and 100% cpu use in replication - Bug 757898 - Fix Coverity (11104) Resource leak: ids_sasl_user_to_entry (slapd/saslbind.c) LOW Copyright 2012 Oracle, Inc. CVE-2012-0833 Oracle Linux 6 abrt [2.0.8-6.0.1.el6] - Add abrt-oracle-enterprise.patch to be product neutral - Remove abrt-plugin-rhtsupport dependency for cli and desktop - Make abrt Obsoletes/Provides abrt-plugin-rhtsupprot [2.0.8-6] - enable plugin services after install rhbz#820515 - Resolves: #820515 [2.0.8-5] - removed the 'report problem with ABRT btn' rhbz#809587 - fixed double free - fixed ccpp-install man page - Resolves: #809587, #796216, #799027 [2.0.8-4] - dont mark reports reported in post-create by mailx as reported - Resolves: #803618 [2.0.8-3] - fixed remote crash handling rhbz#800828 - Resolves: #800828 [2.0.8-2] - updated translation - added man page for a-a-analyze-vmcore - minor fixes in kernel oops parser - Related: #759375 [2.0.8-1] - rebase to the latest upstream - partly fixed probles with suided cores - fixed confusing message about 'moved copy' - properly enable daemons on update from previous version - added default config file for mailx - cli doesnt depend on python plugin - properly init i18n all plugins - added missing man page to abrt-cli - added warning when user tries to report already reported problem again - added vmcores plugin - Resolves: #759375, #783450, #773242, #771597, #770357, #751068, #749100, #747624, #727494 btparser [0.16-3] - Report correct crash_function in the crash sumary Resolves: rhbz#811147 [0.16-1] - New upstream release Resolves: #768377 libreport [2.0.9-5.0.1.el6] - Add oracle-enterprise.patch - Remove libreport-plugin-rhtsupport pkg [2.0.9-5] - rebuild due to rpmdiff - Resolves: #823411 [2.0.9-4] - fixed compatibility with bugzilla 4.2 - Resolves: #823411 [2.0.9-3] - added notify-only option to mailx rhbz#803618 - Resolves: #803618 [2.0.9-2] - minor fix in debuginfo downloader - updated translations - Related: #759377 [2.0.9-1] - new upstream release - fixed typos in man - fixed handling of anaconda-tb file - generate valid xml file - Resolves: #759377, #758366, #746727 python-meh [0.12.1-3] - Add dbus-python and libreport to BuildRequires (vpodzime). Related: rhbz#796176 [0.12.1-2] - Add %check unset DISPLAY section to spec file (vpodzime). Resolves: rhbz#796176 [0.12.1-1] - Adapt to new libreport API (vpodzime). Resolves: rhbz#769821 - Add info about environment variables (vpodzime). Resolves: rhbz#788577 [0.11-3] - Move 'import rpm' to where its needed to avoid nameserver problems. Resolves: rhbz#749330 [0.11-2] - Change dependency to libreport-* (mtoman) Resolves: rhbz#730924 - Add abrt-like information to bug reports (vpodzime). Resolves: rhbz#728871 LOW Copyright 2012 Oracle, Inc. CVE-2011-4088 CVE-2012-1106 Oracle Linux 6 [2.6.32-279.el6] - [netdrv] mlx4: ignore old module parameters (Jay Fenlason) [830553] [2.6.32-278.el6] - [kernel] sysctl: silence warning about missing strategy for file-max at boot time (Jeff Layton) [803431] - [net] sunrpc: make new tcp_max_slot_table_entries sysctl use CTL_UNNUMBERED (Jeff Layton) [803431] - [drm] i915: set AUD_CONFIG N_value_index for DisplayPort (Dave Airlie) [747890] - [scsi] scsi_lib: fix scsi_io_completions SG_IO error propagation (Mike Snitzer) [827163] - [fs] nfs: Fix corrupt read data after short READ from server (Sachin Prabhu) [817738] [2.6.32-277.el6] - [scsi] be2iscsi: fix dma free size mismatch regression (Mike Christie) [824287] - [scsi] libsas: check dev->gone before submitting sata i/o (David Milburn) [824025] [2.6.32-276.el6] - [net] ipv4/netfilter: TCP and raw fix for ip_route_me_harder (Jiri Benc) [812108] [2.6.32-275.el6] - [net] bridge: fix broadcast flood regression (Jesper Brouer) [817157] - [ipc] mqueue: use correct gfp flags in msg_insert (Doug Ledford) [750260] - [security] fix compile error in commoncap.c (Eric Paris) [806726] {CVE-2012-2123} - [security] fcaps: clear the same personality flags as suid when fcaps are used (Eric Paris) [806726] {CVE-2012-2123} - [fs] proc: Fix vmstat crashing with trap divide error (Larry Woodman) [820507] - [net] rds: fix rds-ping inducing kernel panic (Jay Fenlason) [803936] {CVE-2012-2372} - [net] sock: validate data_len before allocating skb in sock_alloc_send_pskb() (Jason Wang) [814504] {CVE-2012-2136} - [virt] kvm: Fix buffer overflow in kvm_set_irq() (Avi Kivity) [816155] {CVE-2012-2137} [2.6.32-274.el6] - [net] sunrpc: fix loss of task->tk_status after rpc_delay call in xprt_alloc_slot (Jeff Layton) [822189] - [net] sunrpc: suppress page allocation warnings in xprt_alloc_slot() (Jeff Layton) [822189] - [net] netfilter: Fix ip_route_me_harder triggering ip_rt_bug (Jiri Benc) [812108] - [net] netfilter/tproxy: do not assign timewait sockets to skb->sk (Jiri Benc) [812108] - [usb] Dont fail USB3 probe on missing legacy PCI IRQ (Don Zickus) [812254] - [usb] Fix handoff when BIOS disables host PCI device (Don Zickus) [812254] - [usb] Remove duplicate USB 3.0 hub feature #defines (Don Zickus) [812254] - [usb] Set hub depth after USB3 hub reset (Don Zickus) [812254] - [usb] xhci: Fix encoding for HS bulk/control NAK rate (Don Zickus) [812254] - [usb] Fix issue with USB 3.0 devices after system resume (Don Zickus) [812254] - [virt] xenpv: avoid paravirt __pmd in read_pmd_atomic (Andrew Jones) [822697] [2.6.32-273.el6] - [s390] qeth: remove siga retry for HiperSockets devices (Hendrik Brueckner) [817090] - [scsi] lpfc: Changed version number to 8.3.5.68.5p (Rob Evers) [821515] - [scsi] lpfc: Fixed system crash due to not providing SCSI error-handling host reset handler (Rob Evers) [821515] - [scsi] lpfc: Correct handling of SLI4-port XRI resource-provisioning profile change (Rob Evers) [821515] - [scsi] lpfc: Fix driver crash during back-to-back ramp events. (Rob Evers) [821515] - [scsi] lpfc: Fixed system panic due to midlayer abort and driver complete race on SCSI cmd (Rob Evers) [821515] - [scsi] sd: Fix device removal NULL pointer dereference (Rob Evers) [817853] - [md] Add del_timer_sync to mddev_suspend, fixes a panic (Jonathan E Brassow) [818371] - [virt] virtio_net: invoke softirqs after __napi_schedule (Michael S. Tsirkin) [819435] - [virt] virtio_net: do not reschedule rx refill forever (Michael S. Tsirkin) [819435] [2.6.32-272.el6] - [md] bitmap: ensure to load bitmap when creating via sysfs (Jes Sorensen) [821329] - [infiniband] mlx4: fix RoCE oops (Doug Ledford) [749059] - [x86] setup: Add rh_check_supported() (Prarit Bhargava) [821561] - [mm] read_pmd_atomic: fix pmd_populate SMP race condition (Andrea Arcangeli) [820762] {CVE-2012-1179} - [drm] i915: add Ivy Bridge GT2 Server entries (Dave Airlie) [817926] [2.6.32-271.el6] - [scsi] qla2xxx: Update version number to 8.04.00.04.06.3-k (Chad Dupuis) [816331] - [scsi] qla2xxx: Properly check for current state after the fabric-login request (Chad Dupuis) [816331] - [scsi] qla2xxx: Proper completion to scsi-ml for scsi status task_set_full and busy (Chad Dupuis) [816331] - [scsi] qla2xxx: Fix reset time out as qla2xxx not ack to reset request (Chad Dupuis) [816331] - [scsi] qla2xxx: Block flash access from application when device is initialized for ISP82xx (Chad Dupuis) [816331] - [scsi] qla2xxx: Remove resetting memory during device initialization for ISP82xx (Chad Dupuis) [816331] - [scsi] qla2xxx: Proper detection of firmware abort error code for ISP82xx (Chad Dupuis) [816331] - [scsi] qla2xxx: Additional corrections for ISP83xx support (Chad Dupuis) [816331] - [scsi] bfa: remove tech-preview tainting (Rob Evers) [744301] - [input] wacom: add support for Cintiq 24HD (Aristeu Rozanski) [773052] - [netdrv] bna: remove tech-preview status (Ivan Vecera) [744302] - [net] xfrm: impement kabi work-arounds for alg_trunc_len (Jarod Wilson) [768460] - [net] xfrm: Add SHA384 and SHA512 HMAC authentication algorithms to XFRM (Jarod Wilson) [768460] - [net] xfrm: Use the user specified truncation length in ESP and AH (Jarod Wilson) [768460] - [net] xfrm: Store aalg in xfrm_state with a user specified truncation length (Jarod Wilson) [768460] - [net] xfrm: Define new XFRM netlink auth attribute with specified truncation bits (Jarod Wilson) [768460] - [scsi] bxn2fc: Bumped version to 1.0.11 (Mike Christie) [813065] - [scsi] bnx2fc: cleanup task management IO when it times out. (Mike Christie) [813065] - [scsi] bnx2fc: Decrememnt io ref count when abort times out (Mike Christie) [813065] - [scsi] bnx2fc: Allow FLOGI to be retried when receiving bad responses. (Mike Christie) [813065] - [netdrv] be2net: Ignore status of some ioctls during driver load (Ivan Vecera) [818561] - [netdrv] be2net: Fix wrong status getting returned for MCC commands (Ivan Vecera) [818561] - [netdrv] be2net: Fix traffic stall INTx mode (Ivan Vecera) [818561] - [netdrv] be2net: Fix FW download in Lancer (Ivan Vecera) [818561] - [netdrv] be2net: enable RSS for ipv6 pkts (Ivan Vecera) [818561] - [s390] af_iucv: allow shutdown for HS transport sockets (Hendrik Brueckner) [815273] - [infiniband] cxgb4: handle wake up waiters and add check for invalid endpoint (Steve Best) [811023] - [drm] radeon: deal with errors from framebuffer init path (Dave Airlie) [736376] - [fs] proc: restore 'huge' tag for hugetlb vmas in numa_maps (Larry Woodman) [818746] - [fs] proc: teach /proc//numa_maps about transparent hugepages (Larry Woodman) [818746] - [fs] proc: break out numa_maps gather_pte_stats() checks (Larry Woodman) [818746] - [fs] proc: make /proc//numa_maps gather_stats() take variable page size (Larry Woodman) [818746] - [fs] proc: allocate storage for numa_maps statistics once (Larry Woodman) [818746] - [fs] proc: make struct proc_maps_private truly private (Larry Woodman) [818746] - [fs] proc: move show_numa_map() to fs/proc/task_mmu.c (Larry Woodman) [818746] - [mm] mempolicy: declare mpol_to_str() when CONFIG_TMPFS=n (Larry Woodman) [818746] - [mm] mempolicy: remove check_huge_range() (Larry Woodman) [818746] - [mm] mempolicy: make gather_stats() type-safe and remove forward declaration (Larry Woodman) [818746] - [mm] mempolicy: remove MPOL_MF_STATS (Larry Woodman) [818746] - [mm] mempolicy: use walk_page_range() instead of custom page table walking code (Larry Woodman) [818746] - [mm] mempolicy: export get_vma_policy() (Larry Woodman) [818746] - [block] mtip32xx: fix missing mtip32xx.ko in installer initrd (Shyam Iyer) [819947] - [input] wacom: add LED support for Cintiq 24HD (Aristeu Rozanski) [808315] - [input] wacom: make LED status readable through sysfs (Aristeu Rozanski) [808315] - [input] wacom: add LED support for Cintiq 21ux2 (Aristeu Rozanski) [808315] - [input] wacom: add interface to control LEDs in Wacom tablets (Aristeu Rozanski) [808315] - [vhost] net: fix possible NULL pointer dereference of vq->bufs (Jason Wang) [814288] {CVE-2012-2119} - [net] macvtap: validate zerocopy vectors before building skb (Jason Wang) [814288] {CVE-2012-2119} - [net] macvtap: set SKBTX_DEV_ZEROCOPY only when skb is built successfully (Jason Wang) [814288] {CVE-2012-2119} - [net] macvtap: put zerocopy page when fail to get all requested user pages (Jason Wang) [814288] {CVE-2012-2119} - [net] macvtap: fix zerocopy offset calculation when building skb (Jason Wang) [814288] {CVE-2012-2119} - [netdrv] be2net: Fix EEH error reset before a flash dump completes (Ivan Vecera) [818568] - [netdrv] be2net: cancel be_worker during EEH recovery (Ivan Vecera) [818568] - [net] bonding: assign slaves their own vlan_groups (Neil Horman) [804232] - [net] vlan: Add helper functions to manage vlans on bonds and slaves (Neil Horman) [804232] - [virt] kvm: Fix kvm_arch_vcpu_put() crash with vmm_exclusive=0 (Avi Kivity) [704173] [2.6.32-270.el6] - [netdrv] be2net: Record receive queue index in skb to aid RPS (Ivan Vecera) [818558] - [scsi] bnx2i: Updated version and copyright year (Mike Christie) [816376] - [scsi] bnx2i: Added the setting of target can_queue via target_alloc (Mike Christie) [816376] - [netdrv] be2net: fix calling __vlan_put_tag() after eth_type_trans() (Ivan Vecera) [815670] - [s390] af_iucv: detect down state of HS transport interface (Hendrik Brueckner) [815274] - [s390] qeth: Improve OSA Express 4 blkt defaults (Hendrik Brueckner) [808486] - [netdrv] ixgbe: Correct Adaptive Interrupt Moderation so that it will change values (Andy Gospodarek) [802837] - [mm] x86: Move do_page_fault()s error path under unlikely() (Motohiro Kosaki) [770376] - [mm] x86: make pagefault killable (Motohiro Kosaki) [770376] - [mm] x86: Handle mm_fault_error() in kernel space (Motohiro Kosaki) [770376] - [mm] introduce wait_on_page_locked_killable() (Motohiro Kosaki) [770376] - [mm] oom_kill: remove memcg argument from oom_kill_task() (Motohiro Kosaki) [770376] - [mm] oom-kill: remove boost_dying_task_prio() (Motohiro Kosaki) [770376] - [net] rds: RDS over QLogic hardware fails to work (Jay Fenlason) [797530] - [net] netpoll: fix Allow netpoll_setup/cleanup recursion (Herbert Xu) [816034] - [netdrv] atl1c: add workaround for issue of bit INTX-disable for MSI interrupt (Stanislaw Gruszka) [809036] - [netdrv] atl1c: enlarge L1 response waiting timer (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove PHY polling from atl1c_change_mtu (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Disable L0S when no cable link (Stanislaw Gruszka) [809036] - [netdrv] atl1c: do MAC-reset when PHY link down (Stanislaw Gruszka) [809036] - [netdrv] atl1c: cancel task when interface closed (Stanislaw Gruszka) [809036] - [netdrv] atl1c: refine mac address related code (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove code of closing register writable attribution (Stanislaw Gruszka) [809036] - [netdrv] atl1c: clear WoL status when reset pcie (Stanislaw Gruszka) [809036] - [netdrv] atl1c: add PHY link event(up/down) patch (Stanislaw Gruszka) [809036] - [netdrv] atl1c: refine start/enable code for MAC module (Stanislaw Gruszka) [809036] - [netdrv] atl1c: add function atl1c_power_saving (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove PHY reset/init for link down event (Stanislaw Gruszka) [809036] - [netdrv] atl1c: update PHY reset related routine (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove PHY polling from atl1c_open (Stanislaw Gruszka) [809036] - [netdrv] atl1c: refine SERDES-clock related code (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove PHY contrl in atl1c_reset_pcie (Stanislaw Gruszka) [809036] - [netdrv] atl1c: refine phy-register read/write function (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove REG_PHY_STATUS (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove MDIO_REG_ADDR_MASK in atl1c_mdio_read/write (Stanislaw Gruszka) [809036] - [netdrv] atl1c: fix WoL(magic) issue for l2cb 1.1 (Stanislaw Gruszka) [809036] - [netdrv] atl1c: refine atl1c_pcie_patch (Stanislaw Gruszka) [809036] - [netdrv] atl1c: refine/update ASPM configuration (Stanislaw Gruszka) [809036] - [netdrv] atl1c: clear bit MASTER_CTRL_CLK_SEL_DIS in atl1c_pcie_patch (Stanislaw Gruszka) [809036] - [netdrv] atl1c: refine reg definition of REG_MASTER_CTRL (Stanislaw Gruszka) [809036] - [netdrv] atl1c: clear PCIE error status in atl1c_reset_pcie (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove dmar_dly_cnt and dmaw_dly_cnt (Stanislaw Gruszka) [809036] - [netdrv] atl1c: update right threshold for TSO (Stanislaw Gruszka) [809036] - [netdrv] atl1c: add module parameter for l1c_wait_until_idle (Stanislaw Gruszka) [809036] - [netdrv] atl1c: threshold for ASPM is changed based on chip capability (Stanislaw Gruszka) [809036] - [netdrv] atl1c: restore max-read-request-size in Device Conrol Register (Stanislaw Gruszka) [809036] - [netdrv] atl1c: using fixed TXQ configuration for l2cb and l1c (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove dmaw_block (Stanislaw Gruszka) [809036] - [netdrv] atl1c: correct wrong definition of REG_DMA_CTRL (Stanislaw Gruszka) [809036] - [netdrv] atl1c: wrong register used to stop TXQ (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove code related to rxq 1/2/3 (Stanislaw Gruszka) [809036] - [netdrv] atl1c: split 2 32bit registers of TPD to 4 16bit registers (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove SMB/CMB DMA related code (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove VPD register (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove HDS register (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove multiple-RX-Q code (Stanislaw Gruszka) [809036] - [netdrv] atl1c: update author contact info & company/driver desciption (Stanislaw Gruszka) [809036] - [netdrv] atl1c: stop using net_device.{base_addr, irq} (Stanislaw Gruszka) [809036] - [netdrv] atl1c: set ATL1C_WORK_EVENT_RESET bit correctly (Stanislaw Gruszka) [809036] - [netdrv] atl1c: dont use highprio tx queue (Stanislaw Gruszka) [809036] - [netdrv] atl1c: set addr_assign_type if random_ether_addr() used (Stanislaw Gruszka) [809036] - [netdrv] atl1c: ethernet dev_alloc_skb to netdev_alloc_skb (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Remove alloc_etherdev error messages (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Sweep away N/A fw_version dustbunnies from the .get_drvinfo routine (Stanislaw Gruszka) [809036] - [netdrv] atl1c: add skb frag size accessors (Stanislaw Gruszka) [809036] - [netdrv] atl1c: use DMA_x_DEVICE and dma_mapping_error with skb_frag_dma_map (Stanislaw Gruszka) [809036] - [netdrv] atl1c: convert to SKB paged frag API (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Remove unneeded version.h includes from drivers/net/ (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove interrupt.h inclusion from netdevice.h (Stanislaw Gruszka) [809036] - [netdrv] atl1c: atl1c_resume() is only used when CONFIG_PM_SLEEP is defined (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Use ethtools ethtool_cmd_speed API (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Use full 32 bit speed range in ethtools set_settings (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Fix work event interrupt/task races (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Fix set-but-unused variable (Stanislaw Gruszka) [809036] - [netdrv] atl1c: fix sparse warnings (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Do not call device_init_wakeup() in atl1c_probe() (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Add missing PCI device ID (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove private #define (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Comment typo fixes for 'descriptor' (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Do not use legacy PCI power management (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Fix hardware type check for enabling OTP CLK (Stanislaw Gruszka) [809036] - [netdrv] atl1c: make functions static (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Dont check for vlan group before vlan_tx_tag_present (Stanislaw Gruszka) [809036] - [netdrv] atl1c: avoid some skb->ip_summed initializations (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Remove double test (Stanislaw Gruszka) [809036] - [netdrv] atl1c: use net_device_stats from struct net_device (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Add AR8151 v2 support and change L0s/L1 routine (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Remove unnecessary returns from void function()s (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove redundant code (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h (Stanislaw Gruszka) [809036] - [netdrv] atl1c: convert multiple drivers to use netdev_for_each_mc_addr, part3 (Stanislaw Gruszka) [809036] - [netdrv] atl1c: Add support for Atheros AR8152 and AR8152 (Stanislaw Gruszka) [809036] - [netdrv] atl1c: use DEFINE_PCI_DEVICE_TABLE() (Stanislaw Gruszka) [809036] - [netdrv] atl1c: fix assorted typos all over the place (Stanislaw Gruszka) [809036] - [netdrv] atl1c: use pM to show MAC address (Stanislaw Gruszka) [809036] - [netdrv] atl1c:add pci map direction in atl1c_buffer flags (Stanislaw Gruszka) [809036] - [netdrv] atl1c: remove exceptional & on function name (Stanislaw Gruszka) [809036] - [netdrv] atl1c: change atl1c_buffer struct and restructure clean atl1c_buffer procedure (Stanislaw Gruszka) [809036] - [netdrv] atl1c: duplicate atl1c_get_tpd (Stanislaw Gruszka) [809036] - [fs] epoll: clear the tfile_check_list on -ELOOP (Jason Baron) [817140] - [fs] epoll: Dont limit non-nested epoll paths (Jason Baron) [817137] - [netdrv] tg3: Fix ethtool self tests (John Feeney) [808243 809036] - [infiniband] mlx4: check return code and bail on error (Doug Ledford) [749059] - [infiniband] mlx4: use locking when walking netdev list (Doug Ledford) [749059] - [x86] asm: undo paravirt_patch_template kABI breakage (Rik van Riel) [813682] - [fs] cifs: check S_AUTOMOUNT in revalidate (Ian Kent) [786149] - [fs] vfs: fix LOOKUP_DIRECTORY not propagated to managed_dentry() (Ian Kent) [786149] - [s390x] kdump: Change default action from reipl to stop for on_restart (Hendrik Brueckner) [806152] - [s390x] qeth: add missing wake_up call (Hendrik Brueckner) [806151] - [s390x] lcs: lcs offline failure (Hendrik Brueckner) [804643] - [s390x] ctcmpc: use correct idal word list for ctcmpc (Hendrik Brueckner) [798641] - [s390x] dasd: fix fixpoint divide exception in define_extent (Hendrik Brueckner) [798002] - [s390x] mm: prevent memory zone interleave (Hendrik Brueckner) [797936] - [s390x] qeth: synchronize discipline module loading (Hendrik Brueckner) [795462] - [powerpc] perf: Check current->mm in read_user_stack_slow (Steve Best) [804569] - [powerpc] perf: Disable pagefaults during callchain stack read (Jiri Olsa) [804569] - [tools] selftests: mqueue mq_perf_tests checkpatch fixes (Doug Ledford) [750260] - [ipc] mqueue: strengthen checks on mqueue creation fix (Doug Ledford) [750260] - [misc] rbtree: backport rb_init_node() (Doug Ledford) [750260] - [tools] selftests: add mq_perf_tests (Doug Ledford) [750260] - [tools] selftests: add mq_open_tests (Doug Ledford) [750260] - [ipc] mqueue: strengthen checks on mqueue creation (Doug Ledford) [750260] - [ipc] mqueue: correct mq_attr_ok test (Doug Ledford) [750260] - [ipc] mqueue: improve performance of send/recv (Doug Ledford) [750260] - [watchdog] iTCO_wdt: default SMI clearing to old behaviour (Prarit Bhargava) [727875 811324] - [watchdog] iTCO_wdt: problems with newer hardware due to SMI clearing (Prarit Bhargava) [727875 811324] - [sound] alsa: fix Conexant CX20561 audio mute functionality (Jaroslav Kysela) [816569] - [s390] kdump: Use 4 GiB for KEXEC_AUTO_THRESHOLD (Hendrik Brueckner) [815599] - [net] bonding: verify for NULL when getting bridge from bond_dev->br_port (Veaceslav Falico) [816034 817145] - [md] dm-mpath: only try to load the scsi_dh module if the scsi_dh doesnt exist (Mike Snitzer) [788591] - [virt] kvm/svm: handle adjustment of negative tsc offsets (Marcelo Tosatti) [817236] - [netdrv] be2net: fix programming of VLAN tags for VF (Ivan Vecera) [816013] - [scsi] isci: End the RNC resumption wait when the RNC is destroyed. (David Milburn) [809954] - [scsi] isci: Fixed RNC bug that lost the suspension or resumption during destroy (David Milburn) [809954] - [scsi] isci: Fix RNC AWAIT_SUSPENSION->INVALIDATING transition. (David Milburn) [809954] - [scsi] isci: Manage the IREQ_NO_AUTO_FREE_TAG under scic_lock. (David Milburn) [809954] - [scsi] isci: Remove obviated host callback list. (David Milburn) [809954] - [scsi] isci: Check IDEV_GONE before performing abort path operations. (David Milburn) [809954] - [scsi] isci: Restore the ATAPI device RNC management code. (David Milburn) [809954] - [scsi] isci: Dont wait for an RNC suspend if its being destroyed. (David Milburn) [809954] - [scsi] isci: Change the phy control and link reset interface for HW reasons. (David Milburn) [809954] - [scsi] isci: Added timeouts to RNC suspensions in the abort path. (David Milburn) [809954] - [scsi] isci: Add protocol indicator for TMF requests. (David Milburn) [809954] - [scsi] isci: Directly control IREQ_ABORT_PATH_ACTIVE when completing TMFs. (David Milburn) [809954] - [scsi] isci: Wait for RNC resumption before leaving the abort path. (David Milburn) [809954] - [scsi] isci: Fix RNC suspend call for SCI_RESUMING state. (David Milburn) [809954] - [scsi] isci: Manage tag releases differently when aborting tasks. (David Milburn) [809954] - [scsi] isci: Callbacks to libsas occur under scic_lock and are synchronized. (David Milburn) [809954] - [scsi] isci: When in the abort path, defeat other resume calls until done. (David Milburn) [809954] - [scsi] isci: Implement waiting for suspend in the abort path. (David Milburn) [809954] - [scsi] isci: Make sure all TCs are terminated and cleaned in LUN reset. (David Milburn) [809954] - [scsi] isci: Manage the LLHANG timer enable/disable per-device. (David Milburn) [809954] - [scsi] isci: Save the suspension hint for upcoming suspensions. (David Milburn) [809954] - [scsi] isci: Fix the terminated I/O to not call sas_task_abort(). (David Milburn) [809954] - [scsi] isci: Distinguish between remote device suspension cases (David Milburn) [809954] - [scsi] isci: Remove isci_device reqs_in_process and dev_node from isci_device. (David Milburn) [809954] - [scsi] isci: Only set IDEV_GONE in the device stop path. (David Milburn) [809954] - [scsi] isci: All pending TCs are terminated when the RNC is invalidated. (David Milburn) [809954] - [scsi] isci: Device access in the error path does not depend on IDEV_GONE. (David Milburn) [809954] - [scsi] isci: Add suspension cases for RNC INVALIDATING, POSTING states. (David Milburn) [809954] - [scsi] isci: Redesign device suspension, abort, cleanup. (David Milburn) [809954] - [scsi] isci: Escalate to I_T_Nexus_Reset when the device is gone. (David Milburn) [809954] - [scsi] isci: Remote device stop also suspends the RNC and terminates I/O. (David Milburn) [809954] - [scsi] isci: Remote device must be suspended for NCQ cleanup. (David Milburn) [809954] - [scsi] isci: Manage device suspensions during TC terminations. (David Milburn) [809954] - [scsi] isci: Terminate outstanding TCs on TX/RX RNC suspensions. (David Milburn) [809954] - [scsi] isci: Handle all suspending TC completions (David Milburn) [809954] - [scsi] isci: Fixed bug in resumption from RNC Tx/Rx suspend state. (David Milburn) [809954] - [scsi] isci: Manage the link layer hang detect timer for RNC suspensions. (David Milburn) [809954] [2.6.32-269.el6] - [x86] Revert: kdump: No need to disable ioapic in crash path (Don Zickus) [815785] - [mm] mempolicy: do_migrate_pages cleanup (Larry Woodman) [801904] - [mm] mempolicy: do_migrate_pages fix (Larry Woodman) [801904] - [ata] ahci: add another PCI ID for marvell (David Milburn) [813365] - [ata] ahci: recognize Marvell 88se9125 PCIe SATA 6.0 Gb/s controller (David Milburn) [813365] - [ata] ahci: HFLAG_YES_FBS fix legacy IDE interface (David Milburn) [813365] - [ata] ahci: add HFLAG_YES_FBS and apply it to 88SE9128 (David Milburn) [813365] - [sound] alsa: enable OSS emulation in rhel configuration (Jaroslav Kysela) [657291] - [sound] alsa: add probe_mask=0x101 automatically for WinFast VP200 H (Jaroslav Kysela) [805658] - [target] fcoe: Remove printk message from ft_dump_cmd (Neil Horman) [813678] - [scsi] be2iscsi: fix bh use in alloc pdu path (Mike Christie) [813550] - [scsi] libsas: fix sas port naming (David Milburn) [759210] - [scsi] libsas: fix panic when single phy is disabled on a wide port (David Milburn) [759210] - [scsi] isci: firmware update to latest firmware generator (David Milburn) [759210] - [scsi] isci: enable BCN in sci_port_add_phy() (David Milburn) [759210] - [scsi] isci: Changes in COMSAS timings enabling ISCI to detect buggy disc drives (David Milburn) [759210] - [scsi] isci: implement suspend/resume support (David Milburn) [759210] - [scsi] isci: kill isci_host.shost (David Milburn) [759210] - [scsi] isci: fix interrupt disable (David Milburn) [759210] - [scsi] isci: fix 'link-up' events occur after 'start-complete' (David Milburn) [759210] - [scsi] isci: fix controller stop (David Milburn) [759210] - [scsi] isci: refactor initialization for S3/S4 (David Milburn) [759210] - [scsi] isci: kill isci_port.domain_dev_list (David Milburn) [759210] - [scsi] isci: kill ->status, and ->state_lock in isci_host (David Milburn) [759210] - [scsi] isci: Dont filter BROADCAST CHANGE primitives (David Milburn) [759210] - [scsi] isci: kill sci_phy_protocol and sci_request_protocol (David Milburn) [759210] - [scsi] isci: kill ->is_direct_attached (David Milburn) [759210] - [scsi] isci: improve 'invalid state' warnings (David Milburn) [759210] - [scsi] libsas: suspend / resume support (David Milburn) [759210] - [ata] libsas: drop sata port multiplier infrastructure (David Milburn) [759210] - [ata] libata: export ata_port suspend/resume infrastructure for sas (David Milburn) [759210] - [net] bonding: 802.3ad - fix agg_device_up (Veaceslav Falico) [806081] - [netdrv] mlx4_core: fix race on comm channel (Jay Fenlason) [808926] - [scsi] libfc: cache align struct fc_fcp_pkt fields (Neil Horman) [815984] - [scsi] libfc: cache align fc_exch_pool (Neil Horman) [815984] - [scsi] fcoe: setup default initial value for DDP threshold (Neil Horman) [815984] - [virt] virtio_console: tell host of open ports after resume from s3/s4 (Amit Shah) [816099] - [scsi] st: fix memory leak with 1MB tape I/O (David Milburn) [811703] - [drm] i915: Dont do MTRR setup if PAT is enabled (Adam Jackson) [802539] - [scsi] device_handler: Add Netapp storage array to rdac array list (Rob Evers) [811364] - [netdrv] cnic: Fix parity error code conflict (Mike Christie) [808619] - [sound] alsa: Fix No sound with Conexant CX20585 / Recording fails (Jaroslav Kysela) [798923] - [kernel] default to clocksource unstable switching off (Prarit Bhargava) [804535] - [x86] Backout X86_FEATURE_ARAT checks in hpet initialization (Prarit Bhargava) [804535] - [kernel] clocksource: Make watchdog robust vs. interruption (Prarit Bhargava) [804535] - [fs] cifs: Show various mount options in /proc/mounts (Sachin Prabhu) [815751] - [ata] libata: make ata_print_id atomic numbering fix (David Milburn) [815861] - [md] raid1: Dont set 'fullsync' unnecessarily (Jonathan E Brassow) [813948] - [md] dm-raid: Record and handle missing devices. (Jonathan E Brassow) [809231] - [md] dm-raid: Set recovery flags on resume. (Jonathan E Brassow) [811669] - [netdrv] bnx2x: changed initial dcb configuration (Michal Schmidt) [812612] - [netdrv] tg3: Fix NVRAM writes on newer devices (John Feeney) [808617] [2.6.32-268.el6] - [x86] efi: Remove unnecessary error message (Matthew Garrett) [788428] - [hid] wacom: Add serial and id reporting for Wacom Intuos4 WL (Aristeu Rozanski) [769676] - [hid] wacom: fix proximity tool release (Aristeu Rozanski) [769676] - [hid] wacom: report distance for Intuos4 WL (Aristeu Rozanski) [769676] - [hid] wacom: Add pad buttons reporting on Intuos4 WL (Aristeu Rozanski) [769676] - [hid] wacom: set ABS_MISC bit for Intuos4 WL (Aristeu Rozanski) [769676] - [hid] wacom: introduce support for Intuos4 bluetooth (Aristeu Rozanski) [769676] - [hid] wacom: introduce sysfs interface to control the device reporting speed (Aristeu Rozanski) [769676] - [hid] wacom: separate mode switching function (Aristeu Rozanski) [769676] - [hid] wacom: add missing events for pad buttons (Aristeu Rozanski) [769676] - [bluetooth] hidp: implement raw output support for HIDP layer (Aristeu Rozanski) [769676] - [fs] nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (J. Bruce Fields) [813070] - [fs] nfsd: rename 'int access' to 'int may_flags' in nfsd_open() (J. Bruce Fields) [813070] - [fs] ext4: return 32/64-bit dir name hash according to usage type (J. Bruce Fields) [813070] - [fs] add new FMODE flags FMODE_32bithash and FMODE_64bithash (J. Bruce Fields) [813070] - [fs] nfsd: Remove check for a 32-bit cookie in nfsd4_readdir() (J. Bruce Fields) [813070] - [net] bonding: remove entries for master_ip and vlan_ip and query devices instead (Andy Gospodarek) [810299] - [net] netfilter: place conntrack in source hash after SNAT is done (Neil Horman) [740747] - [netdrv] tg3: Fix RSS ring refill race condition (John Feeney) [808247] - [scsi] Revert: rdac: Add dynamic match to rdac handler (Jarod Wilson) [811364] [2.6.32-267.el6] - [x86] therm_throt: Dont report power limit and package level thermal throttle events in mcelog (Naoya Horiguchi) [803913] - [x86] Use this_cpu_has for thermal_interrupt current cpu (Naoya Horiguchi) [803913] - [x86] percpu: add this_cpu_has() macro (Naoya Horiguchi) [803913] - [virt] KVM: lock slots_lock around device assignment (Alex Williamson) [811653] - [virt] kvm: unmap pages from the iommu when slots are removed (Alex Williamson) [811653] {CVE-2012-2121} - [scsi] fix eh wakeup (scsi_schedule_eh vs scsi_restart_operations) (David Milburn) [798776] - [scsi] libsas, libata: fix start of life for a sas ata_port (David Milburn) [798776] - [scsi] libsas: continue revalidation (David Milburn) [798776] - [ata] libata: make ata_print_id atomic (David Milburn) [798776] - [scsi] libsas: fix ata_eh clobbering ex_phys via smp_ata_check_ready (David Milburn) [798776] - [scsi] libsas: fix false positive 'device attached' conditions (David Milburn) [798776] - [scsi] libsas: unify domain_device sas_rphy lifetimes (David Milburn) [798776] - [scsi] scsi_transport_sas: fix delete vs scan race (David Milburn) [798776] - [ata] libata: reset once (David Milburn) [798776] - [scsi] libsas: fix sas_get_port_device regression (David Milburn) [798776] - [scsi] libsas: sas_rediscover_dev did not look at the SMP exec status. (David Milburn) [798776] - [scsi] libsas: fix sas_find_bcast_phy() in the presence of 'vacant' phys (David Milburn) [798776] - [scsi] libsas: trim sas_task of slow path infrastructure (David Milburn) [798776] - [scsi] isci: use sas eh strategy handlers (David Milburn) [798776] - [scsi] libsas: use ->lldd_I_T_nexus_reset for ->eh_bus_reset_handler (David Milburn) [798776] - [scsi] libsas: add sas_eh_abort_handler (David Milburn) [798776] - [scsi] libsas: enforce eh strategy handlers only in eh context (David Milburn) [798776] - [scsi] libata, libsas: introduce sched_eh and end_eh port ops (David Milburn) [798776] - [scsi] libsas: cleanup spurious calls to scsi_schedule_eh (David Milburn) [798776] - [scsi] libsas: introduce sas_work to fix sas_drain_work vs sas_queue_work (David Milburn) [798776] - [net] fib: fix BUG_ON in fib_nl_newrule when add new fib rule (Weiping Pan) [814059] - [scsi] isci: fix oem parameter validation on single controller skus (David Milburn) [812415] - [x86] tsc: Dont divide by zero if TSC kHz calibration fails (Richard W.M. Jones) [813413] - [x86] Avoid check hlt for newer cpus (Don Zickus) [812439] [2.6.32-266.el6] - [virt] kvm: Allow adjust_tsc_offset to be in host or guest cycles (Frank Arnold) [807215] - [virt] Revert: x86: Make tsc_delta calculation a function of guest tsc (Frank Arnold) [807215] - [scsi] lpfc: Update lpfc version for 8.3.5.68.2p driver release (Rob Evers) [810522] - [scsi] lpfc: Fix bug with mailbox handling of REG_VFI (Rob Evers) [810522] - [scsi] lpfc: flush PCI function reset register write (Rob Evers) [810522] - [scsi] lpfc: Fixed system panic when extents enabled (Rob Evers) [810522] - [scsi] lpfc: Fixed the system panic during EEH recovery (Rob Evers) [810522] - [scsi] lpfc: Fix resource leak when acc fails (Rob Evers) [810522] - [scsi] lpfc: Fixed SLI4 driver module load and unload test loop (Rob Evers) [810522] - [scsi] lpfc: Fixed missing CVL event (Rob Evers) [810522] - [scsi] lpfc: Fix deadlock during adapter offline request (Rob Evers) [810522] - [scsi] lpfc: Fix same RPI registered multiple times (Rob Evers) [810522] - [scsi] lpfc: Fix handling of XRI Aborted CQE response (Rob Evers) [810522] - [scsi] lpfc: Fixed failure handling SLI4 FC port reset (Rob Evers) [810522] - [scsi] lpfc: Fix not sending a LOGO with vport delete (Rob Evers) [810522] - [scsi] lpfc: Fix for SLI4 Port delivery for BLS ABORT ACC (Rob Evers) [810522] - [scsi] lpfc: Fix ndlp list not empty during unloading (Rob Evers) [810522] - [scsi] lpfc: Fix mailbox and vpi memory leaks (Rob Evers) [810522] - [scsi] lpfc: create char device to take a reference (Rob Evers) [810522] - [scsi] lpfc: Fix for FDISC failures (Rob Evers) [810522] - [scsi] lpfc: Fix for driver using duplicate RPIs (Rob Evers) [810522] - [scsi] lpfc: Fix discovery problem when in pt2pt (Rob Evers) [810522] - [scsi] lpfc: Fixed handling large CQ/EQ ids in an IOV env (Rob Evers) [810522] - [scsi] lpfc: Fix Locking code raising IRQ twice (Rob Evers) [810522] - [scsi] lpfc: Fix not returning when bad ndlp found (Rob Evers) [810522] - [scsi] lpfc: Fix bug with driver returning the wrong ndlp (Rob Evers) [810522] - [scsi] lpfc: Fix driver behavior when receiving an ADISC (Rob Evers) [810522] - [scsi] lpfc: Fixed unbounded firmware revision string (Rob Evers) [810522] - [scsi] lpfc: Fix dump command type 4 using 16Gb FC Adapter (Rob Evers) [810522] - [scsi] lpfc: Fix port not reset when needed during fw_dump (Rob Evers) [810522] - [scsi] lpfc: Fix ELS FDISC failing local rej./inv. RPI (Rob Evers) [810522] - [scsi] lpfc: Fix SLI4 FC port internal loopback (Rob Evers) [810522] - [scsi] lpfc: Fix REG_RPI fails on SLI4 HBA (Rob Evers) [810522] - [scsi] lpfc: Fix els command using 16Gb FC Adapter (Rob Evers) [810522] - [scsi] lpfc: Fix NMI seen due to CQE starvation (Rob Evers) [810522] - [scsi] lpfc: Fixed SLI4 FC port obtained link-type/num (Rob Evers) [810522] - [scsi] lpfc: Fixed SLI4 FC port int. loopback without SFP (Rob Evers) [810522] - [scsi] lpfc: Fix incorrect fcpCdb during scsi command prep (Rob Evers) [810522] - [drm] i915: Do not set 'Enable Panel Fitter' on SNB pageflips (Adam Jackson) [731632] - [drm] radeon: fix load detect on rn50 with hardcoded EDIDs. (Dave Airlie) [813962] - [fs] ext4: change return value from int to ssize_t in ext4_file_write (Eric Sandeen) [814302] - [netdrv] iwlwifi: add option to disable 5GHz band (Stanislaw Gruszka) [812259] - [scsi] rdac: Add dynamic match to rdac handler (Rob Evers) [811364] - [virt] xenfv: fix hangs when kdumping (Andrew Jones) [811815] - [netdrv] mlx4: allocate just enough pages instead of always 4 pages (Steve Best) [812470] - [mm] Prevent panic while reading /proc/vmallocinfo (Larry Woodman) [767889] [2.6.32-265.el6] - [fs] GFS2: Instruct DLM to avoid queue convert slowdowns (Robert S Peterson) [799165] - [fs] GFS2: Allow caching of rindex glock (Robert S Peterson) [799165] - [fs] GFS2: Dont use a try lock when promoting to a higher mode (Robert S Peterson) [799165] - [fs] GFS2: Make sure rindex is uptodate before starting transactions (Robert S Peterson) [799165] - [netdrv] p54spi: Release GPIO lines and IRQ on error in p54spi_probe (John Linville) [808571] - [netdrv] iwlwifi: always monitor for stuck queues (John Linville) [808571] - [netdrv] rt2x00: Add support for D-Link DWA-127 to rt2800usb (John Linville) [808571] - [netdrv] iwl3945: fix possible il->txq NULL pointer dereference in delayed works (John Linville) [808571] - [netdrv] rt2x00: fix random stalls (John Linville) [808571] - [netdrv] iwlwifi: fix key removal (John Linville) [808571] - [netdrv] ath9k_hw: prevent writes to const data on AR9160 (John Linville) [808571] - [net] mac80211: zero initialize count field in ieee80211_tx_rate (John Linville) [808571] - [netdrv] ath9k: stop on rates with idx -1 in ath9k rate controls .tx_status (John Linville) [808571] - [net] mac80211: Fix a rwlock bad magic bug (John Linville) [808571] - [net] mac80211: timeout a single frame in the rx reorder buffer (John Linville) [808571] - [netdrv] ath9k_hw: fix a RTS/CTS timeout regression (John Linville) [808571] - [netdrv] ath9k: fix a WEP crypto related regression (John Linville) [808571] - [netdrv] ath9k: Fix kernel panic during driver initilization (John Linville) [808571] - [netdrv] bnx2x: fix memory leak in bnx2x_init_firmware() (Michal Schmidt) [811231] - [netdrv] bnx2x: fix a crash on corrupt firmware file (Michal Schmidt) [811231] - [netdrv] bnx2x: FCoE statistics id fixed (Michal Schmidt) [811231] - [netdrv] bnx2x: dcb bit indices flags used as bits (Michal Schmidt) [811231] - [netdrv] bnx2x: added cpu_to_le16 when preparing ramrods data (Michal Schmidt) [811231] - [netdrv] bnx2x: pfc statistics counts pfc events twice (Michal Schmidt) [811231] - [fs] dlm: fix QUECVT when convert queue is empty (David Teigland) [809986] - [netdrv] bnx2x: correction to firmware interface (Michal Schmidt) [810296] [2.6.32-264.el6] - [net] Fix netdevice reference leak (Thomas Graf) [719600] [2.6.32-263.el6] - [net] ipmr: Enable multiple multicast routing tables (Thomas Graf) [631984] - [net] ipmr: Dont leak memory if fib lookup fails (Thomas Graf) [631984] - [net] ipmr: dont corrupt lists (Thomas Graf) [631984] - [net] ipmr: off by one in __ipmr_fill_mroute() (Thomas Graf) [631984] - [net] IPv4: unresolved multicast route cleanup (Thomas Graf) [631984] - [net] ipmr: add support for dumping routing tables over netlink (Thomas Graf) [631984] - [net] rtnetlink: decouple rtnetlink address families from real address families (Thomas Graf) [631984] - [net] ipv4: ipmr: fix NULL pointer deref during unres queue destruction (Thomas Graf) [631984] - [net] ipv4: ipmr: fix invalid cache resolving when adding a non-matching entry (Thomas Graf) [631984] - [net] ipv4: ipmr: support multiple tables (Thomas Graf) [631984] - [net] ipv4: ipmr: move mroute data into seperate structure (Thomas Graf) [631984] - [net] ipv4: ipmr: convert struct mfc_cache to struct list_head (Thomas Graf) [631984] - [net] ipv4: ipmr: remove net pointer from struct mfc_cache (Thomas Graf) [631984] - [net] ipv4: ipmr: move unres_queue and timer to per-namespace data (Thomas Graf) [631984] - [net] fib_rules: decouple address families from real address families (Thomas Graf) [631984] - [net] fib_rules: set family in fib_rule_hdr centrally (Thomas Graf) [631984] - [net] fib_rules: consolidate IPv4 and DECnet ->default_pref() functions (Thomas Graf) [631984] - [net] ipmr/ip6mr: prevent out-of-bounds vif_table access (Thomas Graf) [631984] - [fs] direct-io.c: fix truncation error in dio_complete() return (Vivek Goyal) [783992] - [net] add sysctl to accept packets with local source addresses (Weiping Pan) [719600] - [scsi] Model description fixes for Brocade adapters (Rob Evers) [808558] - [x86] kdump: No need to disable ioapic in crash path (Don Zickus) [783322] - [kernel] uevent: send events in correct order according to seqnum (Naoya Horiguchi) [801694] - [net] SUNRPC: We must not use list_for_each_entry_safe() in rpc_wake_up() (Steve Dickson) [809928] - [mm] Fix race in process_vm_rw_core (Kyle McMartin) [739136] - [mm] Backport Cross Memory Attach patch from upstream (Larry Woodman) [739136] - [drm] enable CONFIG_VGA_SWITCHEROO (Dave Airlie) [632635] [2.6.32-262.el6] - [net] bonding: send igmp report for its master (Weiping Pan) [797780] - [net] allow to get master bridge device for bridge port (Weiping Pan) [797780] - [s390x] zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (Hendrik Brueckner) [808487] - [net] fix vlan gro path (Jiri Pirko) [720611] - [net] bonding: emit event when bonding changes MAC (Veaceslav Falico) [800231] - [net] sctp: Fix getsockopt with SCTP_EVENTS regression and allow sctp_event_subscribe to grow (Thomas Graf) [808086] - [net] vlan: Avoid broken offload configuration when reorder_hdr is disabled (Michal Schmidt) [781652] - [virt] xen: Revert 'xen: mask MTRR feature from guest' (Andrew Jones) [810222] [2.6.32-261.el6] - [x86] Dont inject GP for non-XSAVE enabled guests (Don Dugger) [705242] - [drm] i915: suspend fbdev device around suspend/hibernate (Dave Airlie) [746169] - [fs] cifs: Add mount options backupuid and backugid. (Sachin Prabhu) [806336] - [kernel] genirq: Respect NUMA node affinity in setup_affinity() (Prarit Bhargava) [788579] - [netdrv] iwlwifi: do not nulify ctx->vif on reset (Stanislaw Gruszka) [801730] - [virt] VMX: vmx_set_cr0 expects kvm->srcu locked (Marcelo Tosatti) [807507] {CVE-2012-1601} - [virt] KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Marcelo Tosatti) [807507] {CVE-2012-1601} - [virt] virtio-pci: S3 support (Amit Shah) [803187] - [virt] virtio-pci: drop restore_common() (Amit Shah) [803187] - [virt] virtio: drop thaw PM operation (Amit Shah) [803187] - [virt] virtio: balloon: Allow stats update after restore from S4 (Amit Shah) [803187] [2.6.32-260.el6] - [scsi] be2iscsi: fix include order (Mike Christie) [738043] - [scsi] be2iscsi: Get Port State and Speed of the Adapter (Mike Christie) [738043] - [scsi] be2iscsi: adding functionality to change network settings using iscsiadm (Mike Christie) [738043] - [scsi] be2iscsi: Adding bsg interface for be2iscsi (Mike Christie) [738043] - [scsi] be2iscsi: Get Initiator Name for the iSCSI_Host (Mike Christie) [738043] - [scsi] be2iscsi: Return async handle of unknown opcode to free list (Mike Christie) [738043] - [scsi] be2iscsi: Check ASYNC PDU Handle corresponds to HDR/DATA Handle (Mike Christie) [738043] - [scsi] be2iscsi: Bump the driver Version (Mike Christie) [738043] - [scsi] be2iscsi: Update in Copyright information (Mike Christie) [738043] - [scsi] be2iscsi: Fix the function return values (Mike Christie) [738043] - [scsi] be2iscsi: Code cleanup, removing the goto statement (Mike Christie) [738043] - [scsi] be2iscsi: Fix double free of MCCQ info memory (Mike Christie) [738043] - [scsi] be2iscsi: Set num_cpu = 1 if pci_enable_msix fails (Mike Christie) [738043] - [scsi] be2iscsi:Fix typo function name mismatch (Mike Christie) [738043] - [scsi] be2iscsi: Freeing of WRB and SGL Handle in cleanup task (Mike Christie) [738043] - [scsi] be2iscsi: WRB Initialization and Failure code path change (Mike Christie) [738043] - [scsi] be2iscsi: Fix in ASYNC PDU stitching logic (Mike Christie) [738043] - [scsi] be2iscsi: Fix in the Asynchronous Code Path (Mike Christie) [738043] - [net] ipv4: Constrain UFO fragment sizes to multiples of 8 bytes (Jiri Benc) [797731] - [net] ipv4: Dont use ufo handling on later transformed packets (Jiri Benc) [797731] - [net] udp: Add UFO to NETIF_F_GSO_SOFTWARE (Jiri Benc) [797731] - [fs] Fix length of buffer copied in __nfs4_get_acl_uncached (Sachin Prabhu) [808036] - [net] bond: Make LRO flag follow slave settings (Neil Horman) [794647] - [net] make dev_disable_lro use physical device if passed a vlan dev (Andy Gospodarek) [713641] - [net] move is_vlan_dev into public header file (Andy Gospodarek) [713641] [2.6.32-259.el6] - [mm] memcg: fix coalescing uncharge during truncate (Johannes Weiner) [717803] - [mm] thp: allow a hwpoisoned head page to be put back to LRU (Dean Nelson) [795574] - [block] md: Avoid OOPS when reshaping raid1 to raid0 (Jes Sorensen) [805857] - [net] bridge: fix use after free of skb in bridge when netpoll in use (Neil Horman) [769725] - [scsi] fcoe: Move destroy_work to a private work queue (Neil Horman) [806119] - [virt] xen: only check xen_platform_pci_unplug if hvm (Andrew Jones) [807354] [2.6.32-258.el6] - [fs] epoll: kabi fixups for epoll limit wakeup paths (Jason Baron) [681689] {CVE-2011-1083} - [fs] epoll: limit paths (Jason Baron) [681689] {CVE-2011-1083} - [perf] tool: Fix diff command to work with new hists design (Jiri Olsa) [794689] - [x86] call restore_sched_clock_state after gs is initialized (Marcelo Tosatti) [803132] - [virt] virtio-scsi: fix whitespace in fix TMF use-after-free patch (Paolo Bonzini) [802127] - [netdrv] macvtap: add ioctl to modify vnet header size (Michael S. Tsirkin) [789362] - [netdrv] firmware: add bnx2x FW 7.2.16 (Michal Schmidt) [798316] - [netdrv] cnic: update for FW 7.2.xx (Michal Schmidt) [798316] - [netdrv] bnx2fc: HSI dependent changes for 7.2.xx FW (Michal Schmidt) [798316] - [netdrv] bnx2x: use FW 7.2.16 (Michal Schmidt) [798316] - [fs] GFS2: put glock reference in error patch of read_rindex_entry (Robert S Peterson) [803384] - [infiniband] rdmacm: fix initialization bug (Doug Ledford) [805996] - [pci] Dont touch ASPM at all when its forcibly disabled (Matthew Garrett) [801877] [2.6.32-257.el6] - [security] Fix negative key error handling (David Howells) [806393] - [char] ipmi: Increase KCS timeouts (Matthew Garrett) [803378] - [scsi] cxgb3: Add latest upstream firmware (Neil Horman) [747139] - [scsi] cxgb3 driver update to latest upstream (Neil Horman) [747139] - [x86] uv_mmrs.h cleanup patch (George Beshers) [737747] - [x86] reduce clock calibration time during slave cpu startup (George Beshers) [737747] - [x86] uv: Fix uninitialized spinlocks (George Beshers) [737747] - [x86] uv: Fix uv_gpa_to_soc_phys_ram() shift (George Beshers) [737747] - [x86] UV2: Add accounting for BAU strong nacks (George Beshers) [737747] - [x86] UV2: Ack BAU interrupt earlier (George Beshers) [737747] - [x86] UV2: Remove stale no-resources test for UV2 BAU (George Beshers) [737747] - [x86] UV2: Work around BAU bug (George Beshers) [737747] - [x86] UV2: Fix BAU destination timeout initialization (George Beshers) [737747] - [x86] UV2: Fix new UV2 hardware by using native UV2 broadcast mode (George Beshers) [737747] - [x86] UV: Update Boot messages for SGI UV2 platform (George Beshers) [737747] - [x86] UV: Fix UV2 hub part number (George Beshers) [737747] - [mm] vmstat.c: cache align vm_stat (George Beshers) [737747] - [x86] uv2: Workaround for UV2 Hub bug (George Beshers) [737747] - [x86] UV: Remove UV delay in starting slave cpus (George Beshers) [737747] - [x86] UV: Clean up uv_mmrs.h (George Beshers) [737747] - [net] ehash_size cleanup in tcp (George Beshers) [737748] - [x86] print EST-capable warning message only once (George Beshers) [737748] - [mm] Overflow computing _hash_mask (George Beshers) [737748] - [x86] ACPI: Remove repeated cooling_device messages (George Beshers) [737748] - [fs] vfs: fix panic in __d_lookup() (George Beshers) [737748] - [x86] Fix bootmem allocator large bitmap (George Beshers) [737748] - [net] Limit sysctl_tcp_mem and sysctl_udp_mem initializers (George Beshers) [737748] - [mm] alloc_large_system_hash() printk overflow on 16TB boot (George Beshers) [737748] - [fs] On a 16TB machine, max_user_watches has an integer overflow (George Beshers) [737748] - [fs] allow for more than 2^31 file (George Beshers) [737748] - [netdrv] bnx2x: consistent statistics after internal driver reload (Michal Schmidt) [747522] - [netdrv] netxen_nic: Sysfs support for firmware dump (Veaceslav Falico) [801653] [2.6.32-256.el6] - [kernel] sched: Fix ancient race in do_exit() (Motohiro Kosaki) [784758] - [virt] xen: initialize platform_pci even if xen_emul_unplug=never (Igor Mammedov) [803239] - [virt] virtio-scsi: fix TMF use-after-free (Paolo Bonzini) [802127] - [virt] KVM: increase max vcpu count to 160 (Marcelo Tosatti) [748946] - [scsi] sd: Unmap discard alignment needs to be converted to bytes (Mike Snitzer) [805519] - [scsi] sd: Fix VPD buffer allocations (Mike Snitzer) [805519] - [scsi] isci: improvements in driver unloading routine (David Milburn) [805530] - [scsi] isci: improve phy event warnings (David Milburn) [805530] - [scsi] isci: debug, provide state-enum-to-string conversions (David Milburn) [805530] - [scsi] scsi_transport_sas: 'enable' phys on reset (David Milburn) [805530] - [scsi] libsas: dont recover end devices attached to disabled phys (David Milburn) [805530] - [scsi] libsas: fixup target_port_protocols for expanders that dont report sata (David Milburn) [805530] - [scsi] libsas: set attached device type and target protocols for local phys (David Milburn) [805530] - [scsi] isci: T10 DIF support (David Milburn) [805530] - [scsi] isci: enable clock gating (David Milburn) [805530] - [scsi] isci: Fix NULL ptr dereference when no firmware is being loaded (David Milburn) [805530] - [fs] Pstore supplies a wrong header to kmsg files (Seiji Aguchi) [804789] - [fs] nfs: Try using machine credentials for RENEW calls (Sachin Prabhu) [795441] - [kernel] perf/x86/kvm: Fix Host-Only/Guest-Only counting with SVM disabled (Gleb Natapov) [805496] [2.6.32-255.el6] - [fs] jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) [748713] {CVE-2011-4086} - [kernel] sched: Call tick_check_idle before __irq_enter (George Beshers) [635817] - [kernel] sched: Increment cache_nice_tries only on periodic lb (George Beshers) [635817] - [cpuidle] menu: fixed wrapping timers at 4.294 seconds (George Beshers) [635817] - [kernel] sched: Fix softirq time accounting (George Beshers) [635817] - [x86] UV: Lower UV rtc clocksource rating (George Beshers) [635817] - [infiniband] mlx4_core: fix bug in modify_cq wrapper for resize flow (Doug Ledford) [801111] - [infiniband] mlx4_core: remove buggy sched_queue masking (Doug Ledford) [801111] - [infiniband] mlx4_core: Fixing array indexes when setting port types (Doug Ledford) [801111] - [infiniband] mlx4: Setting new port types after all interfaces unregistered (Doug Ledford) [801111] - [infiniband] mlx4: Replacing pool_lock with mutex (Doug Ledford) [801111] - [infiniband] mlx4_core: Do not map BF area if capability is 0 (Doug Ledford) [801111] - [infiniband] mlx4: add unicast steering entries to resource_tracker (Doug Ledford) [801111] - [infiniband] mlx4: fix QP tree trashing (Doug Ledford) [801111] - [infiniband] mlx4: fix buffer overrun (Doug Ledford) [801111] - [infiniband] mlx4: Fix kcalloc parameters swapped (Doug Ledford) [801111] - [net] net_sched: qdisc_alloc_handle() can be too slow (Jiri Pirko) [785891] - [net] RFC3069, private VLAN proxy arp support (Weiping Pan) [786544] - [scsi] aio: fix the 'too late munmap()' race (Jeff Moyer) [801528] - [scsi] aio: fix io_setup/io_destroy race (Jeff Moyer) [801528] - [scsi] aio: fix rcu ioctx lookup (Jeff Moyer) [801528] [2.6.32-254.el6] - [fs] GFS2: Change truncate page allocation to be GFP_NOFS (Robert S Peterson) [796017] - [fs] GFS2: Remove a __GFP_NOFAIL allocation (Robert S Peterson) [796017] - [fs] GFS2: flush work when clearing inode (Robert S Peterson) [796017] - [scsi] hpsa: change version string (Tomas Henzl) [785262] - [scsi] hpsa: rename HPSA_MAX_SCSI_DEVS_PER_HBA (Tomas Henzl) [785262] - [scsi] hpsa: update device attributes when they change (Tomas Henzl) [785262] - [scsi] hpsa: improve naming on external target device functions (Tomas Henzl) [785262] - [scsi] hpsa: eliminate 8 external target limitation (Tomas Henzl) [785262] - [scsi] hpsa: fix potential array overflow in hpsa_update_scsi_devices (Tomas Henzl) [785262] - [scsi] hpsa: refactor hpsa_figure_bus_target_lun (Tomas Henzl) [785262] - [scsi] hpsa: make target and lun match what SCSI REPORT LUNs returns (Tomas Henzl) [785262] - [scsi] hpsa: Fix problem with MSA2xxx devices (Tomas Henzl) [785262] - [scsi] hpsa: add P2000 to list of shared SAS devices (Tomas Henzl) [785262] - [virt] KVM: PMU: Fix raw event check (Gleb Natapov) [803620] - [virt] KVM: PMU: warn when pin control is set in eventsel msr (Gleb Natapov) [803620] - [virt] x86 emulator: correctly mask pmc index bits in RDPMC instruction emulation (Gleb Natapov) [803620] - [powerpc] perf: Fix frequency calculation for overflowing counters (Steve Best) [804608] - [security] keys: add a 'logon' key type (David Howells) [788634] - [security] KEYS: testing wrong bit for KEY_FLAG_REVOKED (David Howells) [788634] - [security] KEYS: Permit key_serial() to be called with a const key pointer (David Howells) [788634] - [security] keys: fix user_defined key sparse messages (David Howells) [788634] - [security] keys: fix trusted/encrypted keys sparse rcu_assign_pointer messages (David Howells) [788634] - [security] KEYS: Add missing smp_rmb() primitives to the keyring search code (David Howells) [788634] - [security] KEYS: Make garbage collector nonreentrant under RHEL-6 (David Howells) [788634] - [security] KEYS: Correctly destroy key payloads when their keytype is removed (David Howells) [788634] - [security] KEYS: The dead key link reaper should be non-reentrant (David Howells) [788634] - [security] KEYS: Make the key reaper non-reentrant (David Howells) [788634] - [security] KEYS: Move the unreferenced key reaper to the keys garbage collector file (David Howells) [788634] - [security] KEYS: __key_link() should use the RCU deref wrapper for keyring payloads (David Howells) [788634] - [security] KEYS: keyctl_get_keyring_ID() should create a session keyring if create flag set (David Howells) [788634] - [security] KEYS: If install_session_keyring() is given a keyring, it should install it (David Howells) [788634] - [security] KEYS: Fix error handling in construct_key_and_link() (David Howells) [788634] - [security] KEYS: Dont return EAGAIN to keyctl_assume_authority() (David Howells) [788634] - [security] KEYS: Make request_key() and co. return an error for a negative key (David Howells) [788634] - [security] KEYS: Improve /proc/keys (David Howells) [788634] - [security] KEYS: Add an iovec version of KEYCTL_INSTANTIATE (David Howells) [788634] - [security] KEYS: Add a new keyctl op to reject a key with a specified error code (David Howells) [788634] - [security] KEYS: Add an RCU payload dereference macro (David Howells) [788634] - [security] KEYS: Fix __key_link_end() quota fixup on error (David Howells) [788634] - [security] KEYS: Fix up comments in key management code (David Howells) [788634] - [security] KEYS: Do some style cleanup in the key management code (David Howells) [788634] - [security] KEYS: Dont call up_write() if __key_link_begin() returns an error (David Howells) [788634] - [security] Add a dummy printk function for the maintenance of unused printks (David Howells) [788634] - [security] KEYS: request_key() should return -ENOKEY if the constructed key is negative (David Howells) [788634] - [security] KEYS: Reinstate lost passing of process keyring ID in call_sbin_request_key() (David Howells) [788634] - [security] KEYS: Use the variable 'key' in keyctl_describe_key() (David Howells) [788634] - [security] KEYS: Make /proc/keys check to see if a key is possessed before security check (David Howells) [788634] - [security] KEYS: Authorise keyctl_set_timeout() on a key if we have its authorisation key (David Howells) [788634] - [security] KEYS: Propagate error code instead of returning -EINVAL (David Howells) [788634] - [security] keyctl_session_to_parent(): use thread_group_empty() to check singlethreadness (David Howells) [788634] - [security] KEYS: Do preallocation for __key_link() (David Howells) [788634] - [security] KEYS: keyring_serialise_link_sem is only needed for keyring->keyring links (David Howells) [788634] - [security] whitespace coding style fixes (David Howells) [788634] - [security] key: keyring: fix some code style issues (David Howells) [788634] - [security] Fix some coding styles in security/keys/keyring.c (David Howells) [788634] - [x86] EFI: Only set regions uncacheable if they support it (Matthew Garrett) [767291] - [virt] KVM: Fix fetch fault error code (Avi Kivity) [802453] - [netdrv] add myri10ge firmware (Stanislaw Gruszka) [796099] - [fs] xfs: fix inode lookup race (Dave Chinner) [796277] - [x86] amd: Fix L1i and L2 cache sharing information for AMD family 15h processors (Frank Arnold) [798399] - [x86] cache_info: Update calculation of AMD L3 cache indices (Frank Arnold) [798399] - [x86] cache_info: Remove bogus free of amd_l3_cache data (Frank Arnold) [798399] - [hwmon] k10temp: Add support for Fam15h Bulldozer (Frank Arnold) [798209] - [hwmon] k10temp: add support for AMD Family 12h/14h CPUs (Frank Arnold) [798209] - [x86] AMD, PCI: Add AMD northbridge PCI device id for CPU families 12h and 14h (Frank Arnold) [798209] - [netdrv] pch_gbe: modify Kconfig/Makefile and config-generic (Veaceslav Falico) [728177] - [netdrv] pch_gbe: new network driver from upstream (Veaceslav Falico) [728177] - [x86] Ivy Bridge kernel rdrand support (Jay Fenlason) [696442] [2.6.32-253.el6] - [net] gro: more generic L2 header check (Doug Ledford) [789123] - [infiniband] IPoIB: Stop lying about hard_header_len and use skb->cb to stash LL addresses (Doug Ledford) [789123] - [net] Make qdisc_skb_cb upper size bound explicit (Doug Ledford) [789123] - [fs] GFS2: Invalidate directory hash table on inode deallocate (Robert S Peterson) [801171] - [fs] GFS2: Fix a use-after-free that coverity spotted (Robert S Peterson) [801171] - [kernel] lkdtm: avoid calling lkdtm_do_action() with spinlock held (Prarit Bhargava) [770621] - [x86] Fix printk levels for panic, softlockups and stack dumps (Prarit Bhargava) [770621] - [kernel] lkdtm.c: fix race when crashpoint is hit multiple times before checking count (Prarit Bhargava) [770621] - [kernel] lkdtm: prefix enum constants (Prarit Bhargava) [770621] - [kernel] lkdtm: use generic_file_llseek in debugfs (Prarit Bhargava) [770621] - [kernel] param: remove unnecessary writable charp (Prarit Bhargava) [770621] - [kernel] lktdm: add support for hardlockup, softlockup and hung task crashes (Prarit Bhargava) [770621] - [kernel] lkdtm: add debugfs access and loosen KPROBE ties (Prarit Bhargava) [770621] - [scsi] aacraid: Fixes kernel oops in 'aac_eh_abort' (Tomas Henzl) [760396] - [kernel] sys_poll: fix incorrect type for 'timeout' parameter (Oleg Nesterov) [794681] - [kernel] kdump: round up total_size to 128M for crashkernel reserving threshold (Dave Young) [798727] - [block] loop: fix partial read infomation leak (Dave Young) [761418] - [netdrv] mlx4: Dont show RoCE interfaces if the hpn channel is not installed (Doug Ledford) [753004] - [mm] thp: fix pmd_bad() triggering in code paths holding mmap_sem read mode (Andrea Arcangeli) [800328] - [target] fix build on i386 (Andy Grover) [765982] - [target] Backport from stable-3.2.6 (Andy Grover) [765982] [2.6.32-252.el6] - [dm] fixing test for NULL pointer testing (Paolo Bonzini) [752380] {CVE-2011-4127} - [dm] do not forward ioctls from logical volumes to the underlying device (Paolo Bonzini) [752380] {CVE-2011-4127} - [block] fail SCSI passthrough ioctls on partition devices (Paolo Bonzini) [752380] {CVE-2011-4127} - [block] add and use scsi_blk_cmd_ioctl (Paolo Bonzini) [752380] {CVE-2011-4127} - [kernel] regset: Return -EFAULT, not -EIO, on host-side memory fault (Jerome Marchand) [799213] {CVE-2012-1097} - [kernel] regset: Prevent null pointer reference on readonly regsets (Jerome Marchand) [799213] {CVE-2012-1097} - [scsi] qla4xxx: update version (Mike Christie) [800664] - [scsi] iscsi class: fix gfp use in ping compl and host event (Mike Christie) [800664] - [scsi] iscsi if: Removed packed attr from struct iscsi_chap_rec (Mike Christie) [800664] - [scsi] iscsi_transport: Added error status code for ping comp event (Mike Christie) [800664] - [scsi] fix system lock up from scsi error flood (Neil Horman) [800555] - [scsi] libcxgbi: do not print a message when memory allocation fails (Steve Best) [800114] - [infiniband] iser: post initial receive buffers before sending the final login request (Mike Christie) [800041] - [sound] ALSA: pcm midlevel code - add time check for (Jaroslav Kysela) [798984] - [fs] GFS2: call gfs2_write_alloc_required for each fallocate chunk (Benjamin Marzinski) [801141] [2.6.32-251.el6] - [scsi] lpfc: Update lpfc version for 8.3.5.58.1p driver release (Rob Evers) [738037] - [virt] VMX: VMXON/VMXOFF usage changes (Avi Kivity) [704173] - [virt] VMX: VMCLEAR/VMPTRLD usage changes (Avi Kivity) [704173] - [virt] VMX: Some minor changes to code structure (Avi Kivity) [704173] - [virt] VMX: Define new functions to wrapper direct call of asm code (Avi Kivity) [704173] - [net] bonding: move dev_addr cpy to bond_enslave (Thomas Graf) [799794] - [net] bonding: move slave MTU handling from sysfs (Thomas Graf) [799794] - [ppc] Implement CONFIG_STRICT_DEVMEM (Steve Best) [655689] - [scsi] fcoe: Only define ndo_fcoe_get_hbainfo if fcoe is configured (Neil Horman) [789086] - [x86] ACPI / PM: Fix build problem for !CONFIG_ACPI related to NVS rework (Myron Stowe) [708447] - [x86] ips: use interruptible waits in ips-monitor (Neil Horman) [727944] - [x86] kvmclock: abstract save/restore sched_clock_state (Marcelo Tosatti) [694801] - [virt] fix a merge problem in 'KVM steal time suspend/resume bugfix' series (Aristeu Rozanski) [612320] - [virt] reapply 'KVM steal time suspend/resume bugfix' series (Aristeu Rozanski) MODERATE Copyright 2012 Oracle, Inc. CVE-2011-1083 CVE-2011-4131 Oracle Linux 6 [5.1.61-4] - Add backported patch for CVE-2012-2102 Resolves: #812435 [5.1.61-3] - Enable innodb plugin, but only on x86 and x86_64 architectures Resolves: #740224 LOW Copyright 2012 Oracle, Inc. CVE-2012-2102 Oracle Linux 6 [1:5.5-41] - moved /var/lib/net-snmp fro net-snmp to net-snmp-libs package (#822480) [1:5.5-40] - fixed CVE-2012-2141 (#820100) [1:5.5-39] - fixed proxying of out-of-tree GETNEXT requests (#799291) [1:5.5-38] - fixed snmpd crashing with many AgentX subagent (#749227) - fixed SNMPv2-MIB::sysObjectID value when sysObjectID config file option with long OID was used (#786931) - fixed value of BRIDGE-MIB::dot1dBasePortIfIndex.1 (#740172) - fixed parsing of proxy snmpd.conf option not to enable verbose logging by default (#746903) - added new realStorageUnits config file option to support disks > 16 TB in hrStorageTable (#741789) - added vxfs, reiserfs and ocfs2 filesystem support to hrStorageTable (#746903) - fixed snmpd sigsegv when embedded perl script registers one handler twice (#748907) - fixed setting of SNMP-TARGET-MIB::snmpTargetAddrRowStatus via SNMP-SET request on 64-bit platforms (#754275) - fixed crash when /var/lib/net-snmp/mib_indexes/ files have wrong SELinux context (#754971) - fixed memory leak when agentx subagent disconnects in the middle of request processing (#736580) - fixed slow (re-)loads of TCP-MIB::tcpConnectionTable (#789909) - removed 'error finding row index in _ifXTable_container_row_restore' error message (#788954) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2141 Oracle Linux 6 [1:4.6.2-24] - Resolves: bz#734444, list of trusted CA certificates should not be compiled into library [1:4.6.2-23] - Resolves: bz#805433, CVE-2011-3922 [1:4.6.2-22] - Resolves: bz#694684, phonon crash [1:4.6.2-21] - Resolves: #rhbz757793, add OpenGL 3.1, 3.2, 3.3 and 4.0 recognition to QGLFormat MODERATE Copyright 2012 Oracle, Inc. CVE-2010-5076 CVE-2011-3922 Oracle Linux 6 [5.3p1-81] - fixes in openssh-5.3p1-required-authentications.patch (#657378) [5.3p1-79] - fix forward on non-localhost ports with IPv6 (#732955) [5.3p1-78] - clear SELinux exec context before exec passwd (#814691) [5.3p1-77] - prevent post-auth resource exhaustion (#809938) [5.3p1-76] - don't escape backslah in a banner (#809619) [5.3p1-75] - fix various issues in openssh-5.3p1-required-authentications.patch (#805901) [5.3p1-74] - fix out-of-memory killer patch (#744236) [5.3p1-73] - remove openssh-4.3p2-no-v6only.patch (#732955) - adjust Linux out-of-memory killer (#744236) - fix sshd init script - check existence of crypto (#797384) - add RequiredAuthentications[12] (#657378) - run privsep slave process as the users SELinux context (#798241) [5.3p1-72] - drop CAVS test driver (#782091) [5.3p1-71] - enable aes-ctr ciphers use the EVP engines from OpenSSL such as the AES-NI (#756929) - add CAVS test driver for the aes-ctr ciphers (#782091) LOW Copyright 2012 Oracle, Inc. CVE-2011-5000 Oracle Linux 6 [2.4.23-26] - fix: MozNSS CA cert dir does not work together with PEM CA cert file (#818844) - fix: memory leak: def_urlpre is not freed (#816168) - fix update: Default SSL certificate bundle is not found by openldap library (#742023) [2.4.23-25] - fix update: Default SSL certificate bundle is not found by openldap library (#742023) [2.4.23-24] - fix update: Default SSL certificate bundle is not found by openldap library (#742023) - fix: memberof overlay on the frontend database causes server segfault (#730745) [2.4.23-23] - security fix: CVE-2012-1164: assertion failure by processing search queries requesting only attributes for particular entry (#813162) [2.4.23-22] - fix: libraries leak memory when following referrals (#807363) [2.4.23-21] - fix: ldapsearch crashes with invalid parameters (#743781) - fix: replication (syncrepl) with TLS causes segfault (#783445) - fix: openldap server in MirrorMode sometimes fails to resync via syncrepl (#784211) - use portreserve to reserve LDAPS port (636/tcp+udp) (#790687) - fix: missing options in manual pages of client tools (#745470) - fix: SASL_NOCANON option missing in ldap.conf manual page (#732916) - fix: slapd segfaults when certificate key cannot be loaded (#796808) - Jan Synacek <jsynacek@redhat.com> + fix: overlay constraint with count option work bad with modify operation (#742163) + fix: Default SSL certificate bundle is not found by openldap library (#742023) + fix: Duplicate close() calls in OpenLDAP (#784203) LOW Copyright 2012 Oracle, Inc. CVE-2012-1164 Oracle Linux 6 [4.8.1-10] - mount.cifs: don't allow unprivileged users to mount onto dirs they can't chdir into (bz 812782) [4.8.1-9] - cifs.upcall: use krb5_sname_to_principal to construct principal name (bz 805490) [4.8.1-8] - mount.cifs: add backupuid=/backupgid= mount options (bz 806337) [4.8.1-7] - RFE: Improve selection of SPNs with cifs.upcall (bz 748757) - mount.cifs does not use KRB5_CONFIG (bz 748756) [creates additional entries in /etc/mtab (bz 770004)] - mount.cifs does not honor the uid/gid=username option, only the uid/gid=# option (bz 796463) [4.8.1-6] - undocumented mount.cifs options (bz 769923) LOW Copyright 2012 Oracle, Inc. CVE-2012-1586 Oracle Linux 6 [1.10.6-1] - xserver 1.10.6 - Use git-style patch names - compsize.h, glxcmds.h: Copy from upstream git since they fell out of the upstream tarball [1.10.4-15] - Undo regression introduced in Patch8007 (#732467) [1.10.4-14] - xserver-1.10.4-sync-revert.patch: Revert an edge-case change in IDLETIME that appears to be more wrong than right. (#748704) [1.10.4-13] - xserver-1.10.4-randr-corner-case.patch: Fix a corner case in initial mode selection. (#657580) - xserver-1.10.4-vbe-no-cache-ddc-support.patch: Only interpret complete non-support for DDC extension as 'DDC unavailable'. (#657580) [1.10.4-11] - xserver-1.10.4-dix-when-rescaling-from-master-rescale-from-desktop-.patch: fix rescaling from master to slave if the pointer (#732467) [1.10.4-10] - Add patches to change the screen crossing behaviour for multiple ScreenRecs (#732467) - remove the xorg.conf.man page from our .gitignore - we need to patch it now and its part of the upstream distribution [1.10.4-9] - xserver-1.10.4-no-24bpp-xaa-composite.patch: Disable Composite at 24bpp in XAA (#651934) [1.10.4-8] - xserver-1.10.4-fb-picture-crash.patch: Fix crash on invalid pictures (#722680) [1.10.4-7] - fix xephyr rendering when using two screens (#757792) LOW Copyright 2012 Oracle, Inc. CVE-2011-4028 CVE-2011-4029 Oracle Linux 6 [2.2-29.0.1.el6] - Direct traceroute to linux.oracle.com (John Haxby) [orabug 11713272] - Disable --upload option as it will not work with Oracle support - Check oraclelinux-release instead of redhat-release to get OS version (John Haxby) [bug 11681869] - Remove RH ftp URL and support email - add sos-oracle-enterprise.patch [2.2-29.el6] - Collect the swift configuration directory in gluster module Resolves: bz822442 - Update IPA module and related plug-ins Resolves: bz812395 [2.2-28.el6] - Collect mcelog files in the hardware module Resolves: bz810702 [2.2-27.el6] - Add nfs statedump collection to gluster module Resolves: bz752549 [2.2-26.el6] - Use wildcard to match possible libvirt log paths Resolves: bz814474 [2.2-25.el6] - Add forbidden paths for new location of gluster private keys Resolves: bz752549 [2.2-24.el6] - Fix katello and aeolus command string syntax Resolves: bz752666 - Remove stray hunk from gluster module patch Resolves: bz784061 [2.2-22.el6] - Correct aeolus debug invocation in CloudForms module Resolves: bz752666 - Update gluster module for gluster-3.3 Resolves: bz784061 - Add additional command output to gluster module Resolves: bz768641 - Add support for collecting gluster configuration and logs Resolves: bz752549 [2.2-19.el6] - Collect additional diagnostic information for realtime systems Resolves: bz789096 - Improve sanitization of RHN user and case number in report name Resolves: bz771393 - Fix verbose output and debug logging Resolves: bz782339 - Add basic support for CloudForms data collection Resolves: bz752666 - Add support for Subscription Asset Manager diagnostics Resolves: bz752670 [2.2-18.el6] - Collect fence_virt.conf in cluster module Resolves: bz760995 - Fix collection of /proc/net directory tree Resolves: bz730641 - Gather output of cpufreq-info when present Resolves: bz760424 - Fix brctl showstp output when bridges contain multiple interfaces Resolves: bz751273 - Add /etc/modprobe.d to kernel module Resolves: bz749919 - Ensure relative symlink targets are correctly handled when copying Resolves: bz782589 - Fix satellite and proxy package detection in rhn plugin Resolves: bz749262 - Collect stderr output from external commands Resolves: bz739080 - Collect /proc/cgroups in the cgroups module Resolve: bz784874 - Collect /proc/irq in the kernel module Resolves: bz784862 - Fix installed-rpms formatting for long package names Resolves: bz767827 - Add symbolic links for truncated log files Resolves: bz766583 - Collect non-standard syslog and rsyslog log files Resolves: bz771501 - Use correct paths for tomcat6 in RHN module Resolves: bz749279 - Obscure root password if present in anacond-ks.cfg Resolves: bz790402 - Do not accept embedded forward slashes in RHN usernames Resolves: bz771393 - Add new sunrpc module to collect rpcinfo for gluster systems Resolves: bz784061 LOW Copyright 2012 Oracle, Inc. CVE-2012-2664 Oracle Linux 6 nspr [4.9-1] - Resolves: rhbz#799193 - Update to 4.9 nss [3.13.3-6.0.1.el6] - Added nss-vendor.patch to change vendor - Use blank image instead of clean.gif in tar ball [3.13.3-6] - Resolves: #rhbz#805232 PEM module may attempt to free uninitialized pointer [3.13.3-5] - Resolves: rhbz#717913 - [PEM] various flaws detected by Coverity - Require nss-util 3.13.3 [3.13.3-4] - Resolves: rhbz#772628 nss_Init leaks memory [3.13.3-3] - Resolves: rhbz#746632 - pem_CreateObject mem leak on non existing file name - Use completed patch per code review [3.13.3-2] - Resolves: rhbz#746632 - pem_CreateObject mem leak on non existing file name - Resolves: rhbz#768669 - PEM unregistered callback causes SIGSEGV [3.13.3-1] - Update to 3.13.3 - Resolves: rhbz#798539 - Distrust MITM subCAs issued by TrustWave - Remove builtins-nssckbi_1_88_rtm.patch which the rebase obsoletes nss-util [3.13.3-2] - Resolves: rhbz#799192 - Update to 3.13.3 - Update minimum nspr version for Requires and BuildRequires to 4.9 - Fix version/release in changelog to match the Version and Release tags, now 3.13.3-2 [3.13.1-5] - Resolves: rhbz#799192 - Update to 3.13.3 MODERATE Copyright 2012 Oracle, Inc. Oracle Linux 6 [2.1.3-2] - Fix possible XML Hash DoS Resolves: #803391 [2.1.3] - Update to sblim-cim-client2-2.1.3 [2.0.9.2-1] - Initial support LOW Copyright 2012 Oracle, Inc. CVE-2012-2328 Oracle Linux 6 [1.2.10.2-18] - Resolves: Bug 830001 - unhashed#user#password visible after changing password -- patch 0020 disallows users' direct modify on unhashed#user#password [1.2.10.2-17] - Resolves: Bug 830001 - unhashed#user#password visible after changing password -- patch 0019 fixes deref issue. [1.2.10.2-16] - Resolves: Bug 830001 - unhashed#user#password visible after changing password - Resolves: Bug 830256 - Audit log - clear text password in user changes MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2678 CVE-2012-2746 Oracle Linux 6 [1.7.0.5-2.2.1.0.1.el6] - Modify DISTRO_NAME for Oracle [1.7.0.5-2.2.1.el6] - Updated priority to be > 17000 and to depend on buildver variable - Variable buildver increased to 5 as it should be - Resolves: rhbz#828759 [1.7.0.3-2.2.1.el6] - Used newly prepared tarball with security fixes - Bump to icedtea7-forest-2.2.1 - _mandir/man1/jcmd-name.1 added to alternatives - Updated rhino.patch - Updated java-1.7.0-openjdk-java-access-bridge-security.patch - Modified partially upstreamed patch302 - systemtap.patch - Temporarly disabled patch102 - java-1.7.0-openjdk-size_t.patch - Removed already upstreamed patches 104,108,109,301,110: - java-1.7.0-openjdk-arm-ftbfs.patch - java-1.7.0-openjdk-system-zlib.patch - java-1.7.0-openjdk-remove-mimpure-opt.patch - systemtap-alloc-size-workaround.patch - java-1.7.0-fix-gio-detection.patch - Access gnome bridge jar forced to be 644 - Added patch303 - java-1.7.0-openjdk-jstack.patch which resolved RH804632 for openjdk6 - Resolves: rhbz#828759 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726 Oracle Linux 5 [8.1.23-5] - Back-port upstream fix for CVE-2012-2143 Resolves: #830721 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2143 Oracle Linux 5 Oracle Linux 6 [8.4.12-1] - Update to PostgreSQL 8.4.12, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-12.html including the fixes for CVE-2012-2143, CVE-2012-2655 Resolves: #830723 [8.4.11-2] - Add patches for CVE-2012-2143, CVE-2012-2655 Resolves: #830723 [8.4.11-1] - Update to PostgreSQL 8.4.11, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-11.html http://www.postgresql.org/docs/8.4/static/release-8-4-10.html including the fixes for CVE-2012-0866, CVE-2012-0867, CVE-2012-0868 Resolves: #812077 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2143 CVE-2012-2655 Oracle Linux 5 [5.1.6-39] - fix issue in CVE-2012-0057 patch [5.1.6-38] - fix memory handling in CVE-2012-0789 patch [5.1.6-37] - add security fixes for CVE-2012-0057, CVE-2011-4153, CVE-2012-0789, CVE-2012-1172 [5.1.6-36] - add security fix for CVE-2012-2336 MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4153 CVE-2012-0057 CVE-2012-0789 CVE-2012-1172 CVE-2012-2336 Oracle Linux 6 [5.3.3-14] - add security fix for CVE-2010-2950 [5.3.3-13] - fix tests for CVE-2012-2143, CVE-2012-0789 [5.3.3-12] - add fix for CVE-2012-2336 [5.3.3-11] - add security fixes for CVE-2012-0781, CVE-2011-4153, CVE-2012-0057, CVE-2012-0789, CVE-2012-1172, CVE-2012-2143, CVE-2012-2386 [5.3.3-9] - correct detection of = in CVE-2012-1823 fix (#818607) [5.3.3-8] - add security fix for CVE-2012-1823 (#818607) [5.3.3-7] - add security fix for CVE-2012-0830 (#786744) [5.3.3-6] - merge Joe's changes: - improve CVE-2011-1466 fix to cover CAL_GREGORIAN, CAL_JEWISH - add security fixes for CVE-2011-2483, CVE-2011-0708, CVE-2011-1148, CVE-2011-1466, CVE-2011-1468, CVE-2011-1469, CVE-2011-1470, CVE-2011-1471, CVE-2011-1938, and CVE-2011-2202 (#740732) [5.3.3-5] - remove extra php.ini-prod/devel files caused by %patch -b [5.3.3-4] - add security fixes for CVE-2011-4885, CVE-2011-4566 (#769755) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2143 CVE-2011-4153 CVE-2012-0057 CVE-2012-0789 CVE-2012-1172 CVE-2012-2336 CVE-2010-2950 CVE-2012-2386 CVE-2012-0781 Oracle Linux 5 [5.3.3-13] - add security fix for CVE-2010-2950 [5.3.3-11] - fix tests for CVE-2012-2143, CVE-2012-0789 [5.3.3-10] - add security fix for CVE-2012-2336 [5.3.3-9] - add security fixes for CVE-2011-4153, CVE-2012-0057, CVE-2012-0789, CVE-2012-1172, CVE-2012-2143, CVE-2012-2386 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2143 CVE-2011-4153 CVE-2012-0057 CVE-2012-0789 CVE-2012-1172 CVE-2012-2336 CVE-2010-2950 CVE-2012-2386 Oracle Linux 5 Oracle Linux 6 [3.9.4-6] - Add fixes for CVE-2012-2088, CVE-2012-2113 Resolves: #835748 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-2088 CVE-2012-2113 Oracle Linux 5 [2.6.18-308.11.1.0.1.el5] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] +- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-308.11.1.el5] - [net] ixgbe: remove flow director stats (Andy Gospodarek) [832169 830226] - [net] ixgbe: fix default return value for ixgbe_cache_ring_fdir (Andy Gospodarek) [832169 830226] - [net] ixgbe: reverting setup redirection table for multiple packet buffers (Andy Gospodarek) [832169 830226] [2.6.18-308.10.1.el5] - [xen] x86_64: check address on trap handlers or guest callbacks (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86_64: Do not execute sysret with a non-canonical return address (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86: prevent hv boot on AMD CPUs with Erratum 121 (Laszlo Ersek) [824969 824970] {CVE-2012-2934} - [scsi] qla2xxx: Use ha->pdev->revision in 4Gbps MSI-X check. (Chad Dupuis) [816373 800653] - [fs] sunrpc: do array overrun check in svc_recv before page alloc (J. Bruce Fields) [820358 814626] - [fs] knfsd: fix an NFSD bug with full size non-page-aligned reads (J. Bruce Fields) [820358 814626] - [fs] sunrpc: fix oops due to overrunning server's page array (J. Bruce Fields) [820358 814626] - [fs] epoll: clear the tfile_check_list on -ELOOP (Jason Baron) [829670 817131] - [x86_64] sched: Avoid unnecessary overflow in sched_clock (Prarit Bhargava) [824654 818787] - [net] sunrpc: Don't use list_for_each_entry_safe in rpc_wake_up (Steve Dickson) [817571 809937] - [s390] qeth: add missing wake_up call (Hendrik Brueckner) [829059 790900] [2.6.18-308.9.1.el5] - [fs] jbd: clear b_modified before moving the jh to a different transaction (Josef Bacik) [827205 563247] MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3375 Oracle Linux 5 [2.6.18-308.11.1.el5] - [net] ixgbe: remove flow director stats (Andy Gospodarek) [832169 830226] - [net] ixgbe: fix default return value for ixgbe_cache_ring_fdir (Andy Gospodarek) [832169 830226] - [net] ixgbe: reverting setup redirection table for multiple packet buffers (Andy Gospodarek) [832169 830226] [2.6.18-308.10.1.el5] - [xen] x86_64: check address on trap handlers or guest callbacks (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86_64: Do not execute sysret with a non-canonical return address (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86: prevent hv boot on AMD CPUs with Erratum 121 (Laszlo Ersek) [824969 824970] {CVE-2012-2934} - [scsi] qla2xxx: Use ha->pdev->revision in 4Gbps MSI-X check. (Chad Dupuis) [816373 800653] - [fs] sunrpc: do array overrun check in svc_recv before page alloc (J. Bruce Fields) [820358 814626] - [fs] knfsd: fix an NFSD bug with full size non-page-aligned reads (J. Bruce Fields) [820358 814626] - [fs] sunrpc: fix oops due to overrunning server's page array (J. Bruce Fields) [820358 814626] - [fs] epoll: clear the tfile_check_list on -ELOOP (Jason Baron) [829670 817131] - [x86_64] sched: Avoid unnecessary overflow in sched_clock (Prarit Bhargava) [824654 818787] - [net] sunrpc: Don't use list_for_each_entry_safe in rpc_wake_up (Steve Dickson) [817571 809937] - [s390] qeth: add missing wake_up call (Hendrik Brueckner) [829059 790900] [2.6.18-308.9.1.el5] - [fs] jbd: clear b_modified before moving the jh to a different transaction (Josef Bacik) [827205 563247] MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3375 Oracle Linux 6 [2.6.32-279.1.1.el6] - [kernel] Prevent keyctl new_session from causing a panic (David Howells) [833433 827424] {CVE-2012-2745} - [net] ipv6/netfilter: fix null pointer dereference in nf_ct_frag6_reasm() (Petr Matousek) [833410 833412] {CVE-2012-2744} - [fs] nfs: Map minor mismatch error to protocol not support error (Steve Dickson) [832365 796352] - [fs] ext4: Fix overflow caused by missing cast in ext4_fallocate() (Lukas Czerner) [833034 830209] - [ata] libata: Add 2GB ATA Flash Disk/ADMA428M to DMA blacklist (Prarit Bhargava) [832363 812904] - [netdrv] r8169: fix typo in firmware filenames (Ivan Vecera) [832359 829211] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-2744 CVE-2012-2745 Oracle Linux 6 [1.3-8] - Apply patches for CVE-2009-5030, CVE-2012-3358 Resolves: #831561 - Include -DCMAKE_INSTALL_LIBDIR in cmake call; fixes FTBFS with recent versions of cmake IMPORTANT Copyright 2012 Oracle, Inc. CVE-2009-5030 CVE-2012-3358 Oracle Linux 5 Oracle Linux 6 [1.7.4p5-12] - added patch for CVE-2012-2337 Resolves: rhbz#829756 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2337 Oracle Linux 5 Oracle Linux 6 firefox [10.0.6-1.0.1.el6_3] - Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js [10.0.6-1] - Update to 10.0.6 ESR [10.0.5-3] - Enabled WebM [10.0.5-2] - Added fix for mozbz#703633, rhbz#818341 xulrunner [10.0.6-1.0.1.el6_3] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.6-1] - Update to 10.0.6 ESR [10.0.5-3] - Added fix for rhbz#808136 (mozbz#762301) [10.0.5-2] - Enabled WebM (rhbz#798880) CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-1948 CVE-2012-1950 CVE-2012-1951 CVE-2012-1952 CVE-2012-1953 CVE-2012-1954 CVE-2012-1955 CVE-2012-1957 CVE-2012-1958 CVE-2012-1959 CVE-2012-1961 CVE-2012-1962 CVE-2012-1963 CVE-2012-1964 CVE-2012-1965 CVE-2012-1966 CVE-2012-1967 Oracle Linux 6 [10.0.6-1.0.1.el6_3] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [10.0.6-1] - Update to 10.0.6 ESR CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-1948 CVE-2012-1951 CVE-2012-1952 CVE-2012-1953 CVE-2012-1954 CVE-2012-1955 CVE-2012-1957 CVE-2012-1958 CVE-2012-1959 CVE-2012-1961 CVE-2012-1962 CVE-2012-1963 CVE-2012-1964 CVE-2012-1967 Oracle Linux 5 nspr [4.9.1-4] - Resolves: rhbz#834219 - Fix postinstall scriptlet failures - Fix %post and %postun lines per packaging guidelines - Updated License: to MPLv2.0 per upstream [4.9.1-3] - Resolves: rhbz#834219 - Ensure nspr-config.in changes get applied [4.9.1-2] - Resolves: rhbz#834219 - restore top section of nspr-config-pc.patch - Needed to prevent multilib regressions nss [3.13.5-4.0.1.el5_8 ] - Update clean.gif in the tarball [3.13.5-4] - Related: rhbz#834219 - Fix ia64 / i386 multilib nss install failure - Remove no longer needed %pre and %preun scriplets meant for nss updates from RHEL-5.0 [3.13.5-3] - Resolves: rhbz#834219 - Fix the changes to the %post line - Having multiple commands requires that /sbin/lconfig be the beginning of the scriptlet [3.13.5-2] - Resolves: rhbz#834219 - Fix multilib and scriptlet problems - Fix %post and %postun lines per packaging guildelines - Add %{?_isa} to tools Requires: per packaging guidelines - Fix explicit-lib-dependency zlib error reported by rpmlint [3.13.5-1] - Resolves: rhbz#834219 - Update RHEL 5.x to NSS 3.13.5 and NSPR 4.9.1 for Mozilla 10.0.6 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0441 Oracle Linux 6 nspr [4.9.1-2] - Related: rhbz#833762 - Update License to MPLv2.0 [4.9.1-1] - Resolves: rhbz#833762 - Update to NSPR_4_9_1_RTM nss [3.13.5-1.0.1.el6_3 ] - Added nss-vendor.patch to change vendor - Use blank image instead of clean.gif in tar ball [3.13.5-1] - Resolves: rhbz#834100 - Update to 3.13.5 for mozilla 10.0.6 nss-util [3.13.5-1] - Resolves: rhbz#833763 - Update to 3.13.5 for Mozilla 10.0.6 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0441 Oracle Linux 5 [2.5-81.el5_8.4] - Fix iconv() segfault if the invalid multibyte character 0xffff is input when converting from IBM930 (#837896) [2.5-81.el5_8.3] - Fix unbound alloca in vfprintf (#833720) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3406 Oracle Linux 6 [2.12-1.80.el6_3.3] - Fix incorrect/corrupt patchfile for 833716. Did not affect generated code, but tests were missing (#833716). [2.12-1.80.el6_3.2] - Fix regression after patch for BZ804630 (#837026). [2.12-1.80.el6_3.1] - Fixes an unbound alloca and related problems. (#833716) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3404 CVE-2012-3405 CVE-2012-3406 Oracle Linux 6 [2.7.9-5.el6.2] - Add patch for CVE-2011-2485 (RH bug #837561). [2.7.9-5.el6.1] - Add patch for CVE-2012-1178 (RH bug #837560). - Add patch for CVE-2012-2318 (RH bug #837560). - Add patch for CVE-2012-3374 (RH bug #837560). [2.7.9-5.el6] - Add patch for CVE-2011-4602 (RH bug #766453). [2.7.9-4.el6] - Add patch for CVE-2011-4601 (RH bug #766453). MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2318 CVE-2012-3374 Oracle Linux 5 Oracle Linux 6 [2.15.1-4] - Resolves: rhbz#841131 (CVE-2012-1151) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-1151 Oracle Linux 5 Oracle Linux 6 [32:9.8.2-0.10.rc1.2] - fix CVE-2012-3817 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3817 Oracle Linux 5 [3.0.3-135.el5_8.4] - pygrub: Improve handling of big files (rhbz 821704) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2625 Oracle Linux 6 [1.9-33.2] - pull up the patch to correct a possible NULL pointer dereference in kadmind (CVE-2012-1013, #827517) [1.9-33.1] - add candidate patch from upstream to fix freeing uninitialized pointer in the KDC (MITKRB5-SA-2012-001, CVE-2012-1015, #839859) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-1013 CVE-2012-1015 Oracle Linux 6 [1.2.1-1] - Updated to 1.2.1 - Resolves: CVE-2012-3422 - Resolves: CVE-2012-3423 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3422 CVE-2012-3423 Oracle Linux 6 [3.4.5.2-16.1.0.1.el6_3 ] - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' [3.4.5.2-16.1] - Resolves: rhbz#839867 CVE-2012-2665 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-2665 Oracle Linux 6 [1.1.0-0.9.b1.1] - fix CVE-2012-3429 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3429 Oracle Linux 5 [12:3.0.5-31.1] - An error in the handling of malformed client identifiers can cause a denial-of-service condition in affected servers. (CVE-2012-3571, #843124) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3571 Oracle Linux 6 [12:4.1.1-31.P1.0.1.el6_3.1] - Added oracle-errwarn-message.patch [12:4.1.1-31.P1.1] - An error in the handling of malformed client identifiers can cause a denial-of-service condition in affected servers. (CVE-2012-3571, #843120) - Memory Leaks Found In ISC DHCP (CVE-2012-3954, #843120) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3954 CVE-2012-3571 Oracle Linux 5 [1.7.2p1-14.2] - added a workaround for a race condition in handling child processes Resolves: rhbz#844978 [1.7.2p1-14.1] - dont remove the sudoers: line from nsswitch.conf on update - use safe temporary file for nsswitch.conf - call restorecon after modifying nsswitch.conf - fixed command escaping - patch: Use SIG_SETMASK when resetting signal mask instead of SIG_UNBLOCK Resolves: rhbz#842759 Resolves: rhbz#844420 Resolves: rhbz#844419 Resolves: rhbz#844418 Resolves: rhbz#844443 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3440 Oracle Linux 6 [2.4.23-26.2] - CVE-2012-2668 (#825875) cipher suite selection by name can be ignored default cipher suite is always selected [2.4.23-26.1] - fix: smbk5pwd module computes invalid LM hashes (#820278) LOW Copyright 2012 Oracle, Inc. CVE-2012-2668 Oracle Linux 6 [2.6.32-279.5.1.el6] - [net] 8021q/vlan: filter device events on bonds (Neil Horman) [842429 841983] [2.6.32-279.4.1.el6] - [fs] proc: stats: Use arch_idle_time for idle and iowait times if available (Steve Best) [841579 841149] - [drm] i915: fix integer overflow in i915_gem_execbuffer2() (Jacob Tanenbaum) [824553 824555] {CVE-2012-2383} - [usb] core: change the memory limits in usbfs URB submission (Don Zickus) [841667 828271] - [usb] core: unify some error pathways in usbfs (Don Zickus) [841667 828271] - [netdrv] ixgbe: BIT_APP_UPCHG not set by ixgbe_copy_dcb_cfg() (Andy Gospodarek) [840156 814044] - [netdrv] ixgbe: driver fix for link flap (Andy Gospodarek) [840156 814044] - [net] bridge: Fix enforcement of multicast hash_max limit (Thomas Graf) [840023 832575] - [net] bluetooth: fix sco_conninfo infoleak (Jacob Tanenbaum) [681307 681308] {CVE-2011-1078} - [wireless] ipw2200: remove references to CFG80211_WEXT config option (John Linville) [841406 839311] - [netdrv] be2net: enable GRO by default (Ivan Vecera) [838821 837230] - [virt] kvm/vmx: Fix KVM_SET_SREGS with big real mode segments (Orit Wasserman) [841411 756044] - [fs] writeback: merge for_kupdate and !for_kupdate cases (Eric Sandeen) [832360 818172] - [fs] writeback: fix queue_io() ordering (Eric Sandeen) [832360 818172] - [fs] writeback: don't redirty tail an inode with dirty pages (Eric Sandeen) [832360 818172] [2.6.32-279.3.1.el6] - [fs] ext4: properly dirty split extent nodes (David Jeffery) [840052 838640] MODERATE Copyright 2012 Oracle, Inc. CVE-2011-1078 CVE-2012-2383 Oracle Linux 5 kernel [2.6.18-308.13.1.0.1.el5] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-308.13.1.el5] - [net] e1000e: Cleanup logic in e1000_check_for_serdes_link_82571 (Dean Nelson) [841370 771366] - [net] e1000e: Correct link check logic for 82571 serdes (Dean Nelson) [841370 771366] - [mm] NULL pointer dereference in __vm_enough_memory (Jerome Marchand) [840077 836244] - [fs] dlm: fix slow rsb search in dir recovery (David Teigland) [838140 753244] - [fs] autofs: propogate LOOKUP_DIRECTORY flag only for last comp (Ian Kent) [830264 814418] - [fs] ext4: properly dirty split extent nodes (Eric Sandeen) [840946 839770] - [scsi] don't offline devices with a reservation conflict (David Jeffery) [839196 835660] - [fs] ext4: Fix overflow caused by missing cast in ext4_fallocate (Lukas Czerner) [837226 830351] - [net] dl2k: Clean up rio_ioctl (Weiping Pan) [818822 818823] {CVE-2012-2313} - [x86] sched: Avoid unnecessary overflow in sched_clock (Prarit Bhargava) [835450 834562] - [net] tg3: Fix TSO handling (John Feeney) [833182 795672] - [input] evdev: use after free from open/disconnect race (David Jeffery) [832448 822166] [2.6.18-308.12.1.el5] - [fs] nfs: Don't allow multiple mounts on same mntpnt with -o noac (Sachin Prabhu) [839806 839753] LOW Copyright 2012 Oracle, Inc. CVE-2012-2313 Oracle Linux 5 kernel [2.6.18-308.13.1.el5] - [net] e1000e: Cleanup logic in e1000_check_for_serdes_link_82571 (Dean Nelson) [841370 771366] - [net] e1000e: Correct link check logic for 82571 serdes (Dean Nelson) [841370 771366] - [mm] NULL pointer dereference in __vm_enough_memory (Jerome Marchand) [840077 836244] - [fs] dlm: fix slow rsb search in dir recovery (David Teigland) [838140 753244] - [fs] autofs: propogate LOOKUP_DIRECTORY flag only for last comp (Ian Kent) [830264 814418] - [fs] ext4: properly dirty split extent nodes (Eric Sandeen) [840946 839770] - [scsi] don't offline devices with a reservation conflict (David Jeffery) [839196 835660] - [fs] ext4: Fix overflow caused by missing cast in ext4_fallocate (Lukas Czerner) [837226 830351] - [net] dl2k: Clean up rio_ioctl (Weiping Pan) [818822 818823] {CVE-2012-2313} - [x86] sched: Avoid unnecessary overflow in sched_clock (Prarit Bhargava) [835450 834562] - [net] tg3: Fix TSO handling (John Feeney) [833182 795672] - [input] evdev: use after free from open/disconnect race (David Jeffery) [832448 822166] [2.6.18-308.12.1.el5] - [fs] nfs: Don't allow multiple mounts on same mntpnt with -o noac (Sachin Prabhu) [839806 839753] LOW Copyright 2012 Oracle, Inc. CVE-2012-2313 Oracle Linux 6 [2:2.6.9-4.3] - fix overflow in GIF loader (#847303) [2:2.6.9-4.2] - fix overflows in GIF, CEL loaders (#727800, #839020) MODERATE Copyright 2012 Oracle, Inc. CVE-2011-2896 CVE-2012-3403 CVE-2012-3481 Oracle Linux 5 [2:2.2.13-2.0.7.el5_8.5] - fix overflow in GIF loader (CVE-2012-3481) [2:2.2.13-2.0.7.el5_8.4] - fix overflows in PSD plugin (CVE-2009-3909, CVE-2012-3402) - fix heap corruption and overflow in GIF plug-in (CVE-2011-2896) - fix overflow in CEL plug-in (CVE-2012-3403) MODERATE Copyright 2012 Oracle, Inc. CVE-2011-2896 CVE-2009-3909 CVE-2012-3402 CVE-2012-3403 CVE-2012-3481 Oracle Linux 5 [3.0-33.15.el5_9.1] - more robust fix for CVE-2010-3702 (#773178) [3.0-33.15] - apply patch for CVE-2010-3702,3704 (#773180) [3.0-33.14] - fix CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554, texlive various flaws (#773180) MODERATE Copyright 2012 Oracle, Inc. CVE-2010-2642 CVE-2010-3702 CVE-2010-3704 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554 Oracle Linux 6 [libvirt-0.9.10-21.0.1.el6_3.4] - Replace docs/et.png in tarball with blank image [libvirt-0.9.10-21.el6_3.4] - daemon: Fix crash in virTypedParameterArrayClear (rhbz#844735) - remote: Fix locking in stream APIs (rhbz#847946) - Using virOnce for global initialization is desirable (rhbz#847959) - json: Fix interface locale dependency (rhbz#847959) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3445 Oracle Linux 6 [1.7.3-5] - fix group permissions in serve.py Resolves: CVE-2012-0878 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0878 Oracle Linux 5 [2.5-81.el5_8.7] - Fix out of bounds array access in strto* exposed by 847929 patch. [2.5-81.el5_8.6] - Fix integer overflow leading to buffer overflow in strto* (#847929) [2.5-81.el5_8.5] - Do not use PT_IEEE_IP ptrace calls (#839411) - Update ULPs (#839411) - Fix various transcendentals in non-default rounding modes (#839411) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3480 Oracle Linux 6 [2.12-1.80.el6_3.5] - Fix integer overflow leading to buffer overflow in strto* and related out of bounds array index (#847931) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3480 Oracle Linux 5 Oracle Linux 6 firefox [10.0.7-1.0.1.el6_3] - Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js [10.0.7-1] - Update to 10.0.7 ESR xulrunner [10.0.7-1.0.1.el6_3] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.7-1] - Update to 10.0.7 ESR [10.0.6-2] - Added fix for rhbz#770276 - Firefox segfaults, should have a font dependency CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-1970 CVE-2012-1972 CVE-2012-1973 CVE-2012-1974 CVE-2012-1975 CVE-2012-1976 CVE-2012-3956 CVE-2012-3957 CVE-2012-3958 CVE-2012-3959 CVE-2012-3960 CVE-2012-3961 CVE-2012-3962 CVE-2012-3963 CVE-2012-3964 CVE-2012-3966 CVE-2012-3967 CVE-2012-3968 CVE-2012-3969 CVE-2012-3970 CVE-2012-3972 CVE-2012-3976 CVE-2012-3978 CVE-2012-3980 Oracle Linux 6 [10.0.7-1.0.1.el6_3] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [10.0.7-1] - Update to 10.0.7 ESR CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-1970 CVE-2012-1972 CVE-2012-1973 CVE-2012-1974 CVE-2012-1975 CVE-2012-1976 CVE-2012-3956 CVE-2012-3957 CVE-2012-3958 CVE-2012-3959 CVE-2012-3960 CVE-2012-3961 CVE-2012-3962 CVE-2012-3963 CVE-2012-3964 CVE-2012-3966 CVE-2012-3967 CVE-2012-3968 CVE-2012-3969 CVE-2012-3970 CVE-2012-3972 CVE-2012-3978 CVE-2012-3980 Oracle Linux 6 [1:1.6.0.0-1.49.1.11.4] - Updated to latest IedTea6 1.11.4 - Resolves: rhbz#853345 [1:1.6.0.0-1.48.1.11.3] - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz#828752 [1:1.6.0.0-1.47.1.11.3] - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added also to package.definition - Resolves: rhbz#828752 [1:1.6.0.0-1.46.1.11.3] - Updated to IcedTea6 1.11.3 - Removed upstreamed patch8 - java-1.6.0-openjdk-jirafix_2820_2821.patch - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added to patch - Resolves: rhbz#828752 CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-0547 CVE-2012-1682 Oracle Linux 5 [1.6.0.0-1.28.1.10.9.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.28.1.10.9] - Updated to latest IcedTea6 1.10.9 - Resolves: rhbz#846709 - Resolves: rhbz#853114 [1:1.6.0.0-1.27.1.10.8] - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz#828749 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-0547 CVE-2012-1682 Oracle Linux 6 [1.7.0.5-2.2.1.0.1.el6_3.3] - Modify DISTRO_NAME for Oracle [1.7.0.5-2.2.1.el6.3] - Removed patch 304 java-1.7.0-openjdk-beans-isPackageAccessible.patch - Applied upstream patches for same issue: patch 1001 sec-webrevs-openjdk7-29_aug_2012-7162473.patch patch 1002 sec-webrevs-openjdk7-29_aug_2012-7162476.patch patch 1003 sec-webrevs-openjdk7-29_aug_2012-7163201.patch patch 1004 sec-webrevs-openjdk7-29_aug_2012-7194567.patch patch 1005 sec-webrevs-openjdk7-29_aug_2012-78e01a6ca8d3.patch - Resolves: rhbz#852299 [1.7.0.5-2.2.1.1.el6] - Added patch 304 java-1.7.0-openjdk-beans-isPackageAccessible.patch to fix vulnerability until it is fixed in upstream sources. - Resolves: rhbz#852299 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-0547 CVE-2012-1682 CVE-2012-3136 CVE-2012-4681 Oracle Linux 6 [0.12.1.2-2.295.el6_3.2] - kvm-console-bounds-check-whenever-changing-the-cursor-du.patch [bz#851257 - Resolves: bz#851257 (EMBARGOED CVE-2012-3515 qemu/kvm: VT100 emulation vulnerability [rhel-6.3.z]) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3515 Oracle Linux 5 [83-249.0.1.el5_8.5] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [83-249.el5_8.5] - kvm-console-bounds-check-whenever-changing-the-cursor-du-58.patch [bz#851255] - CVE: CVE-2012-3515 - Resolves: bz#851255 (EMBARGOED CVE-2012-3515 qemu/kvm: VT100 emulation vulnerability [rhel-5.8.z]) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3515 Oracle Linux 5 [3.0.3-135.el5_8.5] - console: Prevent escape sequence length overflow (rhbz 851253) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3515 Oracle Linux 5 Oracle Linux 6 [0.6.21-5] - Update to version 0.6.21 fixing many bugs and CVEs - Remove upstreamed patches - Resolves: #839915 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2812 CVE-2012-2813 CVE-2012-2814 CVE-2012-2836 CVE-2012-2837 CVE-2012-2840 CVE-2012-2841 Oracle Linux 5 Oracle Linux 6 [8.70-14:.1] - Added inputChan lower-bounds checking to icclib (bug #854227, CVE-2012-4405). MODERATE Copyright 2012 Oracle, Inc. CVE-2012-4405 Oracle Linux 5 [0.98.6-7.1] - fix CVE-2011-3323 - fix CVE-2011-3324 - fix CVE-2011-3325 - fix CVE-2011-3326 - fix CVE-2011-3327 - fix CVE-2012-0249 - fix CVE-2010-1674 [0.98.6-7] - Resolves: #638628 - CVE-2007-4826 CVE-2010-2948 quagga: various flaws [0.98.6-6] - Resolves: #528583 - Missing declarations cause zebra to segfault MODERATE Copyright 2012 Oracle, Inc. CVE-2010-1674 CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 CVE-2012-0249 CVE-2012-0250 Oracle Linux 6 [0.99.15-7.2] - improve fix for CVE-2011-3325 [0.99.15-7.1] - fix CVE-2011-3323 - fix CVE-2011-3324 - fix CVE-2011-3325 - fix CVE-2011-3326 - fix CVE-2011-3327 - fix CVE-2012-0255 - fix CVE-2012-0249 and CVE-2012-0250 - fix CVE-2012-1820 [0.99.15-7] - Resolves: #684751 - CVE-2010-1674 CVE-2010-1675 quagga various flaws [0.99.15-6] - Resolves: #644832 - CVE-2010-2948 CVE-2010-2949 quagga various flaws MODERATE Copyright 2012 Oracle, Inc. CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 CVE-2012-0249 CVE-2012-0250 CVE-2012-0255 CVE-2012-1820 Oracle Linux 6 [1:1.2.24-7.0.1.el6_3 ] - fix netlink poll: error 4 (Zhenzhong Duan) [1:1.2.24-7] - Resolves: #854821 [1:1.2.24-6] - Apply patches for CVE-2011-2200 - Resolves: #725314 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3524 Oracle Linux 5 Oracle Linux 6 [8.4.13-1] - Update to PostgreSQL 8.4.13, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-13.html including the fixes for CVE-2012-3488, CVE-2012-3489 Resolves: #852020 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3488 CVE-2012-3489 Oracle Linux 5 [8.1.23-6] - Back-port upstream fix for CVE-2012-3488 Resolves: #852015 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3488 Oracle Linux 5 Oracle Linux 6 [1.1.26-2.0.2.el6_3.1] - Increment release to avoid ULN conflict with previous release. [1.1.26-2.0.1.el6_3.1] - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball [1.1.26-2.el6_3.1] - fixes CVE-2011-1202 CVE-2011-3970 CVE-2012-2825 CVE-2012-2871 CVE-2012-2870 - Fix direct pattern matching bug - Fix popping of vars in xsltCompilerNodePop - Fix bug 602515 - Fix generate-id() to not expose object addresses (CVE-2011-1202) - Fix some case of pattern parsing errors (CVE-2011-3970) - Fix a bug in selecting XSLT elements (CVE-2012-2825) - Fix portability to upcoming libxml2-2.9.0 - Fix default template processing on namespace nodes (CVE-2012-2871) - Cleanup of the pattern compilation code (CVE-2012-2870) - Hardening of code checking node types in various entry point (CVE-2012-2870) - Hardening of code checking node types in EXSLT (CVE-2012-2870) - Fix system-property with unknown namespace - Xsltproc should return an error code if xinclude fails - Fix a dictionary string usage - Avoid a heap use after free error IMPORTANT Copyright 2012 Oracle, Inc. CVE-2011-1202 CVE-2011-3970 CVE-2012-2825 CVE-2012-2870 CVE-2012-2871 Oracle Linux 5 [32:9.7.0-10.P2.3] - fix CVE-2012-4244 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-4244 Oracle Linux 5 [30:9.3.6-20.P1.4] - bind-chroot-admin: set correct permissions on /etc/named.conf during update [30:9.3.6-20.P1.3] - fix CVE-2012-4244 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-4244 Oracle Linux 6 [32:9.8.2-0.10.rc1.3] - fix CVE-2012-4244 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-4244 Oracle Linux 6 python-qpid [0.14-11] - BZs: 825078 - Resolves: rhbz#840053 qpid-cpp [0.14-22.0.1.el6_3 ] - Update summary and description in specfile to be product neutral [0.14-22] - BZs: 609685, 849654, 854004 [0.14-21] - BZs: 831365, 840982, 844618 [0.14-20] - BZs: 683711, 689408, 825078, 834608, 841196, 841488 [0.14-19] - BZs: 609685, 683711, 693444, 707682, 729311, 801465, 808090, 809357, 811481, 817283, 826989, 831365, 835628 [0.14-18] - BZs: 609685, 729311, 808090, 809357, 817283 qpid-qmf [0.14-14.0.1.el6_3] - Change build vendor [0.14-14] - BZs: 693845, 773700, 806869, 847331 qpid-tools [0.14-6] - Resolves: rhbz#840058 - Fixed: Bug 850111 - qpid-stat -c mech column data missing MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2145 Oracle Linux 6 [1.3-9] - Apply patch for CVE-2012-3535 Resolves: CVE-2012-3535 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3535 Oracle Linux 6 [0.11-11.el6_3.1] - Fix version for Z-stream Related: rhbz#854823 [0.11-12] - Add patch fixing CVE-2012-3524 Resolves: rhbz#854823 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-4425 Oracle Linux 5 Oracle Linux 6 [2.7.6-8.0.1.el6_3.3 ] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.7.6-8.el6_3.3] - Change the XPath code to percolate allocation error (CVE-2011-1944) [2.7.6-8.el6_3.2] - Fix an off by one pointer access (CVE-2011-3102) [2.7.6-8.el6_3.1] - Fix a failure to report xmlreader parsing failures - Fix parser local buffers size problems (rhbz#843741) - Fix entities local buffers size problems (rhbz#843741) - Fix an error in previous commit (rhbz#843741) - Do not fetch external parsed entities - Impose a reasonable limit on attribute size (rhbz#843741) - Impose a reasonable limit on comment size (rhbz#843741) - Impose a reasonable limit on PI size (rhbz#843741) - Cleanups and new limit APIs for dictionaries (rhbz#843741) - Introduce some default parser limits (rhbz#843741) - Implement some default limits in the XPath module - Fixup limits parser (rhbz#843741) - Enforce XML_PARSER_EOF state handling through the parser - Avoid quadratic behaviour in some push parsing cases (rhbz#843741) - More avoid quadratic behaviour (rhbz#843741) - Strengthen behaviour of the push parser in problematic situations (rhbz#843741) - More fixups on the push parser behaviour (rhbz#843741) - Fix a segfault on XSD validation on pattern error - Fix an unimplemented part in RNG value validation [2.7.6-8.el6] - remove chunk in patch related to configure.in as it breaks rebuild - Resolves: rhbz#788846 [2.7.6-7.el6] - fix previous build to force compilation of randomization code - Resolves: rhbz#788846 [2.7.6-6.el6] - adds randomization to hash and dict structures CVE-2012-0841 - Resolves: rhbz#788846 [2.7.6-5.el6] - Make sure the parser returns when getting a Stop order CVE-2011-3905 - Fix an allocation error when copying entities CVE-2011-3919 - Resolves: rhbz#771910 MODERATE Copyright 2012 Oracle, Inc. CVE-2011-3102 CVE-2012-2807 Oracle Linux 6 [2.6.32-279.9.1.el6] - [md] raid1, raid10: avoid deadlock during resync/recovery. (Dave Wysochanski) [845464 835613] - [fs] dlm: fix deadlock between dlm_send and dlm_controld (David Teigland) [849051 824964] - [ata] libata: Add space to fix 2GB ATA Flash Disk/ADMA428M blacklist (Prarit Bhargava) [851445 843849] - [fs] nfs: nfs_attr_use_mounted_on_file() missing return value (Frantisek Hrbata) [847945 842312] - [fs] gfs2: Make gfs2_write_end not dirty the inode with every write (Robert S Peterson) [849551 844814] - [net] sched/act_mirred: do not drop packets when fails to mirror it (Jason Wang) [851444 846585] - [net] sched: fix race in mirred device removal (Jason Wang) [851444 846585] - [net] sched: printk message severity (Jason Wang) [851444 846585] - [net] sched: act_mirred cleanup (Jason Wang) [851444 846585] - [kernel] sched: Fix signed unsigned comparison in check_preempt_tick() (Frederic Weisbecker) [843102 835797] - [netdrv] be2net: reduce gso_max_size setting to account for ethernet header (Ivan Vecera) [842757 834185] - [powerpc] Fix wrong divisor in usecs_to_cputime backport (Steve Best) [847727 821374] - [fs] procfs: do not confuse jiffies with cputime64_t (Frantisek Hrbata) [847727 821374] - [kernel] time: Add nsecs_to_cputime64 interface for asm-generic (Steve Best) [847727 821374] - [powerpc] Fix wrong divisor in usecs_to_cputime (Steve Best) [847727 821374] [2.6.32-279.8.1.el6] - [netdrv] e1000e: prevent oops when adapter is being closed and reset simultaneously (Dean Nelson) [847045 826375] - [net] tcp: clear hints to avoid a stale one (Andy Gospodarek) [846832 807704] - [md] dm-raid1: Fix mirror crash when discard request is sent and sync is in progress (Mikulas Patocka) [846839 837607] - [netdrv] bond_alb: dont disable softirq under bond_alb_xmit (Jiri Pirko) [846216 841987] - [x86] ioapic: Fix kdump race with migrating irq (Don Zickus) [812962 783322] - [net] rds: set correct msg_namelen (Weiping Pan) [822729 822731] {CVE-2012-3430} - [x86] amd_iommu: Fix SRIOV and hotplug devices (Stefan Assmann) [846838 832009] - [mm] hugetlb: fix resv_map leak in error path (Motohiro Kosaki) [824350 824351] {CVE-2012-2390} - [netdrv] dl2k: fix unfiltered netdev rio_ioctl access by users (Jacob Tanenbaum) [818824 818825] {CVE-2012-2313} - [drm] i915: fix integer overflow in i915_gem_do_execbuffer() (Jacob Tanenbaum) [824561 824563] {CVE-2012-2384} - [virt] kvm: handle last_boosted_vcpu = 0 case (Rik van Riel) [847042 827031] - [md] raid5: Reintroduce locking in handle_stripe() to avoid racing (Jes Sorensen) [846836 828065] - [kernel] timekeeping: Fix leapsecond triggered load spike issue (Prarit Bhargava) [847366 840950 836803 836748] - [kernel] hrtimer: Provide clock_was_set_delayed() (Prarit Bhargava) [847366 840950 836803 836748] - [kernel] ntp: Add ntp_lock to replace xtime_locking (Prarit Bhargava) [847366 840950 836803 836748] - [fs] proc/stat: fix whitespace damage in use arch_idle_time patch (Steve Best) [841579 841149] [2.6.32-279.7.1.el6] - [net] netconsole: fix deadlock on network restart (Jiri Benc) [842982 839266] [2.6.32-279.6.1.el6] - [net] ipv4: add RCU protection to inet->opt (Jiri Pirko) [844274 829109] - [net] tun: allow tap iface in netconsoled bridge (Jiri Benc) [842984 838025] MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2313 CVE-2012-2384 CVE-2012-2390 CVE-2012-3430 CVE-2012-3552 Oracle Linux 5 kernel [2.6.18-308.16.1.0.1.el5] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printks when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-308.16.1.el5] - Revert: [fs] nfsd4: Remove check for a 32-bit cookie in nfsd4_readdir() (Eric Sandeen) [847943 784191] - Revert: [fs] add new FMODE flags: FMODE_32bithash and FMODE_64bithash (Eric Sandeen) [847943 784191] - Revert: [fs] nfsd: rename int access to int may_flags in nfsd_open() (Eric Sandeen) [847943 784191] - Revert: [fs] nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (Eric Sandeen) [847943 784191] - Revert: [fs] vfs: add generic_file_llseek_size (Eric Sandeen) [847943 784191] - Revert: [s390/ppc64] add is_compat_task() for s390 and ppc64 (Eric Sandeen) [847943 784191] - Revert: [fs] ext3: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191] - Revert: [fs] ext4: improve llseek error handling for large seek offsets (Eric Sandeen) [847943 784191] - Revert: [fs] ext4: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191] - Revert: [fs] vfs: allow custom EOF in generic_file_llseek code (Eric Sandeen) [847943 784191] - Revert: [fs] ext4: use core vfs llseek code for dir seeks (Eric Sandeen) [847943 784191] - Revert: [fs] ext3: pass custom EOF to generic_file_llseek_size() (Eric Sandeen) [847943 784191] [2.6.18-308.15.1.el5] - [net] sfc: Fix max no of TSO segments and min TX queue size (Michal Schmidt) [845554 845555] {CVE-2012-3412} - [kernel] xacct_add_tsk: fix pure theoretical ->mm use-after-free (Nikola Pajkovsky) [849723 849725] {CVE-2012-3510} - [fs] hfsplus: Buffer overflow in the HFS plus filesystem (Jacob Tanenbaum) [820255 820256] {CVE-2012-2319} - [net] netfilter: add dscp netfilter match (Thomas Graf) [847327 842029] - [net] rds: set correct msg_namelen (Weiping Pan) [822727 822728] {CVE-2012-3430} - [misc] ERESTARTNOINTR seen from fork call in userspace (Oleg Nesterov) [847359 693822] - [fs] quota: manage reserved space when quota is not active (Eric Sandeen) [847326 818087] - [fs] quota: Fix warning if delayed write before quota is enabled (Eric Sandeen) [847326 818087] - [fs] ext3: pass custom EOF to generic_file_llseek_size() (Eric Sandeen) [847943 784191] - [fs] ext4: use core vfs llseek code for dir seeks (Eric Sandeen) [847943 784191] - [fs] vfs: allow custom EOF in generic_file_llseek code (Eric Sandeen) [847943 784191] - [fs] ext4: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191] - [fs] ext4: improve llseek error handling for large seek offsets (Eric Sandeen) [847943 784191] - [fs] ext3: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191] - [s390/ppc64] add is_compat_task() for s390 and ppc64 (Eric Sandeen) [847943 784191] - [fs] vfs: add generic_file_llseek_size (Eric Sandeen) [847943 784191] - [fs] nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (Eric Sandeen) [847943 784191] - [fs] nfsd: rename int access to int may_flags in nfsd_open() (Eric Sandeen) [847943 784191] - [fs] add new FMODE flags: FMODE_32bithash and FMODE_64bithash (Eric Sandeen) [847943 784191] - [fs] nfsd4: Remove check for a 32-bit cookie in nfsd4_readdir() (Eric Sandeen) [847943 784191] - [xen] x86: whitelist Enhanced SpeedStep for dom0 (Laszlo Ersek) [846125 809103] [2.6.18-308.14.1.el5] - [net] e1000e: drop check of RXCW.CW to eliminate link up and down (Dean Nelson) [852448 840642] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3430 CVE-2012-2319 CVE-2012-3412 CVE-2012-3510 Oracle Linux 5 kernel [2.6.18-308.16.1.el5] - Revert: [fs] nfsd4: Remove check for a 32-bit cookie in nfsd4_readdir() (Eric Sandeen) [847943 784191] - Revert: [fs] add new FMODE flags: FMODE_32bithash and FMODE_64bithash (Eric Sandeen) [847943 784191] - Revert: [fs] nfsd: rename int access to int may_flags in nfsd_open() (Eric Sandeen) [847943 784191] - Revert: [fs] nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (Eric Sandeen) [847943 784191] - Revert: [fs] vfs: add generic_file_llseek_size (Eric Sandeen) [847943 784191] - Revert: [s390/ppc64] add is_compat_task() for s390 and ppc64 (Eric Sandeen) [847943 784191] - Revert: [fs] ext3: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191] - Revert: [fs] ext4: improve llseek error handling for large seek offsets (Eric Sandeen) [847943 784191] - Revert: [fs] ext4: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191] - Revert: [fs] vfs: allow custom EOF in generic_file_llseek code (Eric Sandeen) [847943 784191] - Revert: [fs] ext4: use core vfs llseek code for dir seeks (Eric Sandeen) [847943 784191] - Revert: [fs] ext3: pass custom EOF to generic_file_llseek_size() (Eric Sandeen) [847943 784191] [2.6.18-308.15.1.el5] - [net] sfc: Fix max no of TSO segments and min TX queue size (Michal Schmidt) [845554 845555] {CVE-2012-3412} - [kernel] xacct_add_tsk: fix pure theoretical ->mm use-after-free (Nikola Pajkovsky) [849723 849725] {CVE-2012-3510} - [fs] hfsplus: Buffer overflow in the HFS plus filesystem (Jacob Tanenbaum) [820255 820256] {CVE-2012-2319} - [net] netfilter: add dscp netfilter match (Thomas Graf) [847327 842029] - [net] rds: set correct msg_namelen (Weiping Pan) [822727 822728] {CVE-2012-3430} - [misc] ERESTARTNOINTR seen from fork call in userspace (Oleg Nesterov) [847359 693822] - [fs] quota: manage reserved space when quota is not active (Eric Sandeen) [847326 818087] - [fs] quota: Fix warning if delayed write before quota is enabled (Eric Sandeen) [847326 818087] - [fs] ext3: pass custom EOF to generic_file_llseek_size() (Eric Sandeen) [847943 784191] - [fs] ext4: use core vfs llseek code for dir seeks (Eric Sandeen) [847943 784191] - [fs] vfs: allow custom EOF in generic_file_llseek code (Eric Sandeen) [847943 784191] - [fs] ext4: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191] - [fs] ext4: improve llseek error handling for large seek offsets (Eric Sandeen) [847943 784191] - [fs] ext3: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191] - [s390/ppc64] add is_compat_task() for s390 and ppc64 (Eric Sandeen) [847943 784191] - [fs] vfs: add generic_file_llseek_size (Eric Sandeen) [847943 784191] - [fs] nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (Eric Sandeen) [847943 784191] - [fs] nfsd: rename int access to int may_flags in nfsd_open() (Eric Sandeen) [847943 784191] - [fs] add new FMODE flags: FMODE_32bithash and FMODE_64bithash (Eric Sandeen) [847943 784191] - [fs] nfsd4: Remove check for a 32-bit cookie in nfsd4_readdir() (Eric Sandeen) [847943 784191] - [xen] x86: whitelist Enhanced SpeedStep for dom0 (Laszlo Ersek) [846125 809103] [2.6.18-308.14.1.el5] - [net] e1000e: drop check of RXCW.CW to eliminate link up and down (Dean Nelson) [852448 840642] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3430 CVE-2012-2319 CVE-2012-3412 CVE-2012-3510 Oracle Linux 6 [2.1.12-4] - resolves: bug#855316 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509 certificate validation MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3547 Oracle Linux 5 [2.1.12-4] - resolves: bug#855315 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509 certificate validation MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3547 Oracle Linux 5 Oracle Linux 6 firefox [10.0.8-1.0.2.el6_3] - Updated firefox-oracle-default-prefs.js based on latest firefox-redhat-default-prefs.js [10.0.8-1.0.1.el6_3] - Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js [10.0.8-1] - Update to 10.0.8 ESR xulrunner [10.0.8-1.0.1.el6_3] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.8-1] - Update to 10.0.8 ESR CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-1956 CVE-2012-3982 CVE-2012-3986 CVE-2012-3988 CVE-2012-3990 CVE-2012-3991 CVE-2012-3992 CVE-2012-3993 CVE-2012-3994 CVE-2012-3995 CVE-2012-4179 CVE-2012-4180 CVE-2012-4181 CVE-2012-4182 CVE-2012-4183 CVE-2012-4184 CVE-2012-4185 CVE-2012-4186 CVE-2012-4187 CVE-2012-4188 Oracle Linux 5 Oracle Linux 6 [10.0.8-1.0.1.el6_3] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [10.0.8-1] - Update to 10.0.8 ESR CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-1956 CVE-2012-3982 CVE-2012-3986 CVE-2012-3988 CVE-2012-3990 CVE-2012-3991 CVE-2012-3992 CVE-2012-3993 CVE-2012-3994 CVE-2012-3995 CVE-2012-4179 CVE-2012-4180 CVE-2012-4181 CVE-2012-4182 CVE-2012-4183 CVE-2012-4184 CVE-2012-4185 CVE-2012-4186 CVE-2012-4187 CVE-2012-4188 Oracle Linux 6 [libvirt-0.9.10-21.0.1.el6_3.5] - Replace docs/et.png in tarball with blank image [libvirt-0.9.10-21.el6_3.5] - security: Fix libvirtd crash possibility (CVE-2012-4423) - Fix augeas test of shared sanlock leases (rhbz#858988) - qemu augeas: Add spice_tls/spice_tls_x509_cert_dir (rhbz#858988) - Fix mistakes in augeas lens (rhbz#858988) - qemu: Fix failure path in disk hotplug (rhbz#859376) - blockjob: Relabel entire existing chain (rhbz#860720) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-4423 Oracle Linux 5 Oracle Linux 6 [10.0.8-2.0.1.el6_3] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.8-2] - Added patches from 10.0.9 ESR CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-4193 Oracle Linux 5 Oracle Linux 6 [10.0.8-2.0.1.el6_3] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [10.0.8-2] - Added patches from 10.0.9 ESR CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-4193 Oracle Linux 5 Oracle Linux 6 [32:9.8.2-0.10.rc1.5] - fix CVE-2012-5166 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-5166 Oracle Linux 5 [32:9.7.0-10.P2.4] - fix CVE-2012-5166 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-5166 Oracle Linux 6 [2.6.32-279.11.1.el6] - [net] core: Fix napi_gro_frags vs netpoll path (Amerigo Wang) [857854 845347] - [netdrv] benet: disable BH in callers of be_process_mcc() (Amerigo Wang) [857854 845347] - [net] bonding: remove IFF_IN_NETPOLL flag (Amerigo Wang) [857854 845347] - [mm] fix contig_page_data kABI breakage and related memory corruption (Satoru Moriya) [857012 853007] - [net] sctp: backport sctp cache ipv6 source after route lookup (Michele Baldessari) [858284 855759] - [net] sctp: backport support of sctp multi-homing ipv6 source address selection (Michele Baldessari) [858284 855759] - [net] ipv6: backport RTA_PREFSRC ipv6 source route selection support (Michele Baldessari) [858285 851118] - [netdrv] sfc: Fix maximum number of TSO segments and minimum TX queue size (Nikolay Aleksandrov) [845556 845557] {CVE-2012-3412} - [s390] zfcp: No automatic port_rescan on events (Hendrik Brueckner) [856316 855131] - [fs] xfs: push the AIL from memory reclaim and periodic sync (Dave Chinner) [856686 855139] [2.6.32-279.10.1.el6] - [mm] hugetlbfs: close race during teardown of hugetlbfs shared page tables (Rafael Aquini) [857334 856325] - [mm] hugetlbfs: Correctly detect if page tables have just been shared (Rafael Aquini) [857334 856325] - [kernel] sched: fix divide by zero at {thread_group,task}_times (Stanislaw Gruszka) [856703 843771] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3412 Oracle Linux 6 [1:1.6.0.0-1.50.1.11.5] - Changed permissions of sa-jdi.jar to correct 644 - Resolves: rhbz#865045 [1:1.6.0.0-1.49.1.11.5] - Updated to IcedTea6 1.11.5 - Resolves rhbz#s 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 865519, 865531, 865541, 865568 CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 Oracle Linux 5 [1:1.6.0.0-1.28.1.10.10.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.28.1.10.10] - Updated to IcedTea6 1.10.10 - Resolves rhbz#s 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 865519, 865531, 865541, 865568 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 Oracle Linux 6 [1.7.0.9-2.3.3.0.1.el6_3.1] - Update DISTRO_NAME in specfile [1.7.0.9-2.3.3.el6.1] - Changed permissions of sa-jdi.jar to correct 644 - Resolves: rhbz#865050 [1.7.0.9-2.3.3.el6] - Updated to 2.3.3 - Updated java-1.7.0-openjdk-java-access-bridge-security.patch - Resolves rhbz#s 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 865519, 865531, 865541, 865568 [1.7.0.5-2.3.2.el6.1] - Cleanup before security release - Updated to latest IcedTea7-forest 2.3 - Resolves: rhbz#852299 [1.7.0.5-2.2.1.1.el6.4] - Cleanup before security release - Removed patches: patch 1001 sec-webrevs-openjdk7-29_aug_2012-7162473.patch patch 1002 sec-webrevs-openjdk7-29_aug_2012-7162476.patch patch 1003 sec-webrevs-openjdk7-29_aug_2012-7163201.patch patch 1004 sec-webrevs-openjdk7-29_aug_2012-7194567.patch patch 1005 sec-webrevs-openjdk7-29_aug_2012-78e01a6ca8d3.patch - Resolves: rhbz#852299 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 CVE-2012-5070 CVE-2012-5074 CVE-2012-5076 CVE-2012-5087 CVE-2012-5088 Oracle Linux 5 Oracle Linux 6 firefox [10.0.10-1.0.1.el6_3] - Replaced firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js [10.0.10-1] - Update to 10.0.10 ESR [10.0.8-2] - Fixed rhbz#865284 - add the storage.nfs_filesystem config key to property list - disable OOP for wrapped plugins (nspluginwrapper) xulrunner [10.0.10-1.0.1.el6_3] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.10-1] - Added patches from 10.0.10 ESR CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 Oracle Linux 5 Oracle Linux 6 [10.0.10-1.0.1.el6_3] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [10.0.10-1] - Update to 10.0.10 ESR IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 Oracle Linux 6 [6:4.3.4-14.2] - fix multilib conflict [6:4.3.4-14.1] - Resolves: bz#866228, CVE-2012-4512 CVE-2012-4513 CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-4512 CVE-2012-4513 Oracle Linux 6 [6:4.3.4-19.0.1] - rebuild it with new rules add build requirement of installing libXdmcp-devel [6:4.3.4-19] - fix multilib conflict [6:4.3.4-18] - Resolves: bz#866230, CVE-2012-4512 CVE-2012-4513 [4.3.4-17] - Resolves: bz#754161, bz#587016, bz#682611, bz#734734, bz#826114, respin [6:4.3.4-16] - Resolves: bz#754161, stop/warn when a subdir is not accessible when copying [6:4.3.4-15] - Resolves: bz#587016, print dialogue does not remember previous settings - Resolves: bz#682611, Konqueror splash page in zh_TW is wrong - Resolves: bz#734734, plasma eating up cpu-time when systemtray some icon - Resolves: bz#826114, konqueror crash when trying to add 'Terminal Emulator' to main menu bar CRITICAL Copyright 2013 Oracle, Inc. CVE-2012-4512 CVE-2012-4513 Oracle Linux 6 [2.6.32-279.14.1.el6] - [usb] usbhid: Fix use-after-free in USBHID (James Paradis) [864827 857518] - [usb] Add kernel parameter to force io_watchdog for Intel EHCI HCD (James Paradis) [865713 846024] - [block] Fix hanging kernel threads in blk_execute_rq() (James Paradis) [865308 855984] - [mm] hugetlb: do not use vma_hugecache_offset() for vma_prio_tree_foreach (Frederic Weisbecker) [843034 843035] {CVE-2012-2133} - [mm] hugepages: fix use after free bug in 'quota' handling (Frederic Weisbecker) [843034 843035] {CVE-2012-2133} - [mm] hugetlb: fix pgoff computation when unmapping page from vma (Frederic Weisbecker) [843034 843035] {CVE-2012-2133} - [mm] hugetlb: fix ENOSPC returned by handle_mm_fault() (Frederic Weisbecker) [843034 843035] {CVE-2012-2133} - [fs] gfs2: Write out dirty inode metadata in delayed deletes (Frantisek Hrbata) [859326 748827] - [usb] core: Fix device removal race condition (James Paradis) [864821 849188] - [mm] x86_32: fix SHLIB_BASE address typo (Aristeu S. Rozanski F) [804955 804956] {CVE-2012-1568} - [hid] hidraw: fix window in hidraw_release (Don Zickus) [841824 839973] - [hid] hidraw: protect hidraw_disconnect() better (Don Zickus) [841824 839973] - [hid] hidraw: remove excessive _EMERG messages from hidraw (Don Zickus) [841824 839973] - [hid] hidraw: fix hidraw_disconnect() (Don Zickus) [841824 839973] - [hid] fix a NULL pointer dereference in hidraw_write (Don Zickus) [841824 839973] - [hid] fix a NULL pointer dereference in hidraw_ioctl (Don Zickus) [841824 839973] - [hid] remove BKL from hidraw (Don Zickus) [841824 839973] - [mm] x86_32: randomize SHLIB_BASE (Aristeu Rozanski) [804955 804956] {CVE-2012-1568} - [block] fix up use after free in __blkdev_get (Jeff Moyer) [853943 847838] - [scsi] remove no longer valid BUG_ON in scsi_lld_busy (Jeff Garzik) [860640 842881] - [scsi] fix NULL request_queue in scsi_requeue_run_queue() (Jeff Garzik) [860640 842881] - [net] svcrpc: fix BUG() in svc_tcp_clear_pages (J. Bruce Fields) [856106 769045] - [scsi] lpfc: Fixed SCSI device reset escalation (Rob Evers) [861390 827566] - [scsi] lpfc: Fix abort status (Rob Evers) [861390 827566] - [kernel] cgroup: add cgroup_root_mutex (Frederic Weisbecker) [858954 844531] - [mm] Hold a file reference in madvise_remove (Jerome Marchand) [849738 849739] {CVE-2012-3511} - [base] driver-core: fix device_register race (Rob Evers) [860784 833098] - [netdrv] e1000e: drop check of RXCW.CW to eliminate link going up and down (Dean Nelson) [857055 847310] - [scsi] be2iscsi: Format the MAC_ADDR with sysfs (Rob Evers) [863147 827594] - [usb] usbdevfs: Add a USBDEVFS_GET_CAPABILITIES ioctl (Don Zickus) [841667 828271] - [fs] udf: fix retun value on error path in udf_load_logicalvol (Nikola Pajkovsky) [843142 843143] {CVE-2012-3400} - [fs] udf: Improve table length check to avoid possible overflow (Nikola Pajkovsky) [843142 843143] {CVE-2012-3400} - [fs] udf: Fortify loading of sparing table (Nikola Pajkovsky) [843142 843143] {CVE-2012-3400} - [fs] udf: Avoid run away loop when partition table length is corrupted (Nikola Pajkovsky) [843142 843143] {CVE-2012-3400} - [fs] udf: Use 'ret' instead of abusing 'i' in udf_load_logicalvol() (Nikola Pajkovsky) [843142 843143] {CVE-2012-3400} - [netdrv] bnx2x: Add remote-fault link detection (Michal Schmidt) [852450 814877] - [net] sunrpc: svc_xprt sends on closed socket should stop immediately (J. Bruce Fields) [853257 849702] - [mm] Never OOM kill tasks outside of memory cgroup when memory.limit_in_bytes is exceeded by a Transparent Huge Page (Larry Woodman) [860942 811255] - [powerpc] pseries: Support lower minimum entitlement for virtual processors (Steve Best) [860165 822651] - [usbhid] hiddev: Consolidate device existence checks in hiddev_ioctl (Don Zickus) [841824 839973] - [usbhid] hiddev: Fix race between disconnect and hiddev_ioctl (Don Zickus) [841824 839973] - [usbhid] hiddev: protect against disconnect/NULL-dereference race (Don Zickus) [841824 839973] - [crypto] algapi: Move larval completion into algboss (Herbert Xu) [854476 832135] - [fs] xfs: disable xfsaild idle mode (Brian Foster) [860787 813137] - [fs] xfs: fix the logspace waiting algorithm (Brian Foster) [860787 813137] - [fs] xfs: add AIL pushing tracepoints (Brian Foster) [860787 813137] - [fs] xfs: force the log if we encounter pinned buffers in .iop_pushbuf (Brian Foster) [860787 813137] - [fs] xfs: do not update xa_last_pushed_lsn for locked items (Brian Foster) [860787 813137] [2.6.32-279.13.1.el6] - [net] sctp: Implement quick failover draft from tsvwg (Neil Horman) [861953 830716] - [net] sctp: be more restrictive in transport selection on bundled sacks (Neil Horman) [861953 830716] [2.6.32-279.12.1.el6] - [netdrv] mlx4: check promisc on proper port (Doug Ledford) [858955 854052] - [netdrv] mlx4: attach multicast with correct flag (Doug Ledford) [858956 854376] - [netdrv] mlx4: remove redundant adding of steering type to gid (Doug Ledford) [859436 854053] - [netdrv] Revert: Fix a merge issue (Doug Ledford) [859436 854053] MODERATE Copyright 2012 Oracle, Inc. CVE-2012-1568 CVE-2012-2133 CVE-2012-3400 CVE-2012-3511 Oracle Linux 6 [1.2.2-1] - Updated to 1.2.2 - Resolves: CVE-2012-4540 CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-4540 Oracle Linux 5 [2.6.18-308.20.1.0.1.el5] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printks when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-308.20.1.el5] - Revert: [x86] mm: randomize SHLIB_BASE (Dave Anderson) [804953 804954] {CVE-2012-1568} [2.6.18-308.19.1.el5] - [net] be2net: Remove code that stops further access to BE NIC based on UE bits (Alexander Gordeev) [867896 862811] - [net] netpoll: fix an incorrect check for NULL pointer (Alexander Gordeev) [856079 848098] - [net] mlx4: Add support for EEH error recovery (Alexander Gordeev) [847404 798048] - [fs] ext4: fix undefined bit shift result in ext4_fill_flex_info (Eric Sandeen) [809688 809689] {CVE-2012-2100} - [fs] ext4: fix undefined behavior in ext4_fill_flex_info (Eric Sandeen) [809688 809689] {CVE-2012-2100} - [fs] fix crash if block {device|size} read & changed at sametime (Mikulas Patocka) [864823 756506] - [x86] mm: randomize SHLIB_BASE (Dave Anderson) [804953 804954] {CVE-2012-1568} - [net] ipv6: Fix fib6_dump_table walker leak (Jiri Benc) [861387 819830] - [fs] cifs: update cifs_dfs_d_automount caller path (Sachin Prabhu) [858774 857448] - [xen] x86: change the default behaviour of CVE-2012-2934 fix (Petr Matousek) [859946 858724] - [net] ipvs: allow transmit of GRO aggregated skbs (Jesper Brouer) [857966 854067] - [scsi] isci: fixup linkspeed definitions (David Milburn) [854986 833000] - [fs] nfs: nfs_d_automount update caller path after do_add_mount (Carlos Maiolino) [857552 834379] - [fs] vfs: Fix vfsmount overput on simultaneous automount (Carlos Maiolino) [857552 834379] [2.6.18-308.18.1.el5] - [fs] autofs4: Merge the remaining dentry ops tables (Ian Kent) [857558 850977] [2.6.18-308.17.1.el5] - [fs] cifs: Invalidate file cache in case of posix open (Sachin Prabhu) [857964 852526] LOW Copyright 2012 Oracle, Inc. CVE-2012-2100 Oracle Linux 5 [2.6.18-308.20.1.el5] - Revert: [x86] mm: randomize SHLIB_BASE (Dave Anderson) [804953 804954] {CVE-2012-1568} [2.6.18-308.19.1.el5] - [net] be2net: Remove code that stops further access to BE NIC based on UE bits (Alexander Gordeev) [867896 862811] - [net] netpoll: fix an incorrect check for NULL pointer (Alexander Gordeev) [856079 848098] - [net] mlx4: Add support for EEH error recovery (Alexander Gordeev) [847404 798048] - [fs] ext4: fix undefined bit shift result in ext4_fill_flex_info (Eric Sandeen) [809688 809689] {CVE-2012-2100} - [fs] ext4: fix undefined behavior in ext4_fill_flex_info (Eric Sandeen) [809688 809689] {CVE-2012-2100} - [fs] fix crash if block {device|size} read & changed at sametime (Mikulas Patocka) [864823 756506] - [x86] mm: randomize SHLIB_BASE (Dave Anderson) [804953 804954] {CVE-2012-1568} - [net] ipv6: Fix fib6_dump_table walker leak (Jiri Benc) [861387 819830] - [fs] cifs: update cifs_dfs_d_automount caller path (Sachin Prabhu) [858774 857448] - [xen] x86: change the default behaviour of CVE-2012-2934 fix (Petr Matousek) [859946 858724] - [net] ipvs: allow transmit of GRO aggregated skbs (Jesper Brouer) [857966 854067] - [scsi] isci: fixup linkspeed definitions (David Milburn) [854986 833000] - [fs] nfs: nfs_d_automount update caller path after do_add_mount (Carlos Maiolino) [857552 834379] - [fs] vfs: Fix vfsmount overput on simultaneous automount (Carlos Maiolino) [857552 834379] [2.6.18-308.18.1.el5] - [fs] autofs4: Merge the remaining dentry ops tables (Ian Kent) [857558 850977] [2.6.18-308.17.1.el5] - [fs] cifs: Invalidate file cache in case of posix open (Sachin Prabhu) [857964 852526] LOW Copyright 2012 Oracle, Inc. CVE-2012-2100 Oracle Linux 6 [0.1.2-4] - avoid buffer overflow in ppm loader (CVE-2012-4433) MODERATE Copyright 2012 Oracle, Inc. CVE-2012-4433 Oracle Linux 6 [1.4.4-1] - Rebase the package to latest upstream - Added Adobe reader fix (#645599) LOW Copyright 2012 Oracle, Inc. CVE-2011-2486 Oracle Linux 6 [0.3.0-3] - Fix CVE-2012-4505 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-4505 Oracle Linux 6 [5.1.66-1] - Update to 5.1.66, for assorted upstream bugfixes including CVEs announced in July and October 2012 Resolves: #871813 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-0540 CVE-2012-1688 CVE-2012-1689 CVE-2012-1690 CVE-2012-1703 CVE-2012-1734 CVE-2012-2749 CVE-2012-3150 CVE-2012-3158 CVE-2012-3160 CVE-2012-3163 CVE-2012-3166 CVE-2012-3167 CVE-2012-3173 CVE-2012-3177 CVE-2012-3180 CVE-2012-3197 Oracle Linux 5 Oracle Linux 6 firefox [10.0.11-1.0.1.el6_3] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [10.0.11-1] - Update to 10.0.11 ESR xulrunner [10.0.11-1.0.1.el6_3] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.11-1] - Update to 10.0.11 ESR CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4210 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 Oracle Linux 5 Oracle Linux 6 [10.0.11-1.0.1.el6_3] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [10.0.11-1] - Update to 10.0.11 ESR CRITICAL Copyright 2012 Oracle, Inc. CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 Oracle Linux 5 Oracle Linux 6 [2.7.6-8.0.1.el6_3.4 ] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.7.6-8.el6_3.4] - fix out of range heap access (CVE-2012-5134) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-5134 Oracle Linux 5 kernel [2.6.18-308.24.1.0.1.el5] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printks when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-308.24.1.el5] - Revert: [scsi] sg: fix races during device removal (Ewan Milne) [868950 861004] [2.6.18-308.23.1.el5] - [net] bnx2x: Add remote-fault link detection (Alexander Gordeev) [870120 796905] - [net] bnx2x: Cosmetic changes (Alexander Gordeev) [870120 796905] - [net] rds-ping cause kernel panic (Alexander Gordeev) [822755 822756] {CVE-2012-2372} - [xen] add guest address range checks to XENMEM_exchange handlers (Igor Mammedov) [878033 878034] {CVE-2012-5513} - [xen] x86/physmap: Prevent incorrect updates of m2p mappings (Igor Mammedov) [870148 870149] {CVE-2012-4537} - [xen] VCPU/timer: Dos vulnerability prev overflow in calculations (Igor Mammedov) [870150 870151] {CVE-2012-4535} - [scsi] sg: fix races during device removal (Ewan Milne) [868950 861004] [2.6.18-308.22.1.el5] - [net] bonding: fix link down handling in 802.3ad mode (Andy Gospodarek) [877943 782866] [2.6.18-308.21.1.el5] - [fs] ext4: race-cond protect for convert_unwritten_extents_endio (Lukas Czerner) [869910 869911] {CVE-2012-4508} - [fs] ext4: serialize fallocate w/ ext4_convert_unwritten_extents (Lukas Czerner) [869910 869911] {CVE-2012-4508} - [fs] ext4: flush the i_completed_io_list during ext4_truncate (Lukas Czerner) [869910 869911] {CVE-2012-4508} - [net] WARN if struct ip_options was allocated directly by kmalloc (Jiri Pirko) [874973 872612] - [net] ipv4: add RCU protection to inet->opt (Jiri Pirko) [872113 855302] {CVE-2012-3552} - [scsi] qla2xx: Dont toggle inter bits after IRQ lines attached (Chad Dupuis) [870118 800708] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-2372 CVE-2012-3552 CVE-2012-4508 CVE-2012-4535 CVE-2012-4537 CVE-2012-5513 Oracle Linux 5 kernel [2.6.18-308.24.1.el5] - Revert: [scsi] sg: fix races during device removal (Ewan Milne) [868950 861004] [2.6.18-308.23.1.el5] - [net] bnx2x: Add remote-fault link detection (Alexander Gordeev) [870120 796905] - [net] bnx2x: Cosmetic changes (Alexander Gordeev) [870120 796905] - [net] rds-ping cause kernel panic (Alexander Gordeev) [822755 822756] {CVE-2012-2372} - [xen] add guest address range checks to XENMEM_exchange handlers (Igor Mammedov) [878033 878034] {CVE-2012-5513} - [xen] x86/physmap: Prevent incorrect updates of m2p mappings (Igor Mammedov) [870148 870149] {CVE-2012-4537} - [xen] VCPU/timer: Dos vulnerability prev overflow in calculations (Igor Mammedov) [870150 870151] {CVE-2012-4535} - [scsi] sg: fix races during device removal (Ewan Milne) [868950 861004] [2.6.18-308.22.1.el5] - [net] bonding: fix link down handling in 802.3ad mode (Andy Gospodarek) [877943 782866] [2.6.18-308.21.1.el5] - [fs] ext4: race-cond protect for convert_unwritten_extents_endio (Lukas Czerner) [869910 869911] {CVE-2012-4508} - [fs] ext4: serialize fallocate w/ ext4_convert_unwritten_extents (Lukas Czerner) [869910 869911] {CVE-2012-4508} - [fs] ext4: flush the i_completed_io_list during ext4_truncate (Lukas Czerner) [869910 869911] {CVE-2012-4508} - [net] WARN if struct ip_options was allocated directly by kmalloc (Jiri Pirko) [874973 872612] - [net] ipv4: add RCU protection to inet->opt (Jiri Pirko) [872113 855302] {CVE-2012-3552} - [scsi] qla2xx: Dont toggle inter bits after IRQ lines attached (Chad Dupuis) [870118 800708] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-2372 CVE-2012-3552 CVE-2012-4508 CVE-2012-4535 CVE-2012-4537 CVE-2012-5513 Oracle Linux 6 [32:9.8.2-0.10.rc1.6] - fix CVE-2012-5688 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-5688 Oracle Linux 6 [5.1.66-2] - Add backported patch for CVE-2012-5611 Resolves: CVE-2012-5611 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-5611 Oracle Linux 6 [2.6.32-279.19.1.el6] - [drm] i915: dont clobber the pipe param in sanitize_modesetting (Frantisek Hrbata) [876549 857792] - [drm] i915: Sanitize BIOS debugging bits from PIPECONF (Frantisek Hrbata) [876549 857792] - [net] fix divide by zero in tcp algorithm illinois (Flavio Leitner) [871920 866514] {CVE-2012-4565} - [fs] xfs: fix reading of wrapped log data (Dave Chinner) [876499 874322] - [x86] mm: fix signedness issue in mmap_rnd() (Petr Matousek) [876496 875036] - [net] WARN if struct ip_options was allocated directly by kmalloc (Jiri Pirko) [877950 872799] - [fs] block_dev: Fix crash when block device is read and block size is changed at the same time (Frantisek Hrbata) [864826 855906] - [mm] tracing: Move include of trace/events/kmem.h out of header into slab.c (Jeff Moyer) [864826 855906] - [mm] slab: Move kmalloc tracepoint out of inline code (Jeff Moyer) [864826 855906] - [netdrv] bnx2x: organize BDs calculation for stop/resume (Frantisek Hrbata) [874022 819842] - [netdrv] bnx2x: fix panic when TX ring is full (Michal Schmidt) [874022 819842] [2.6.32-279.18.1.el6] - [scsi] sd: fix crash when UA received on DIF enabled device (Ewan Milne) [876487 865682] - [mm] hugetlb: fix non-atomic enqueue of huge page (Rafael Aquini) [876101 869750] - [x86] amd_iommu: attach device fails on the last pci device (Don Dutile) [876493 861164] - [net] nfs: Fix buffer overflow checking in __nfs4_get_acl_uncached (Frantisek Hrbata) [811794 822871] {CVE-2012-2375} - [net] nfs: Fix the acl cache size calculation (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] nfs: Fix range checking in __nfs4_get_acl_uncached and __nfs4_proc_set_acl (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] nfs: nfs_getaclargs.acl_len is a size_t (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] nfs: Dont use private xdr_stream fields in decode_getacl (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] nfs: Fix pointer arithmetic in decode_getacl (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] nfs: Simplify the GETATTR attribute length calculation (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] sunrpc: Add the helper xdr_stream_pos (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] sunrpc: Dont decode beyond the end of the RPC reply message (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] sunrpc: Clean up xdr_set_iov() (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [net] sunrpc: xdr_read_pages needs to clear xdr->page_ptr (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [fs] nfs: Avoid beyond bounds copy while caching ACL (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [fs] nfs: Avoid reading past buffer when calling GETACL (Sachin Prabhu) [811794 822871] {CVE-2012-2375} - [scsi] ibmvfc: Fix double completion on abort timeout (Steve Best) [876088 865115] - [net] core: allocate skbs on local node (Andy Gospodarek) [876491 843163] [2.6.32-279.17.1.el6] - [mm] Prevent kernel panic in NUMA related system calls after memory hot-add (Larry Woodman) [875382 870350] {CVE-2012-5517} - [md] Dont truncate size at 4TB for RAID0 and Linear (Jes Sorensen) [866470 865637] - [fs] ext4: fix undefined bit shift result in ext4_fill_flex_info (Lukas Czerner) [809690 809691] {CVE-2012-2100} - [fs] ext4: fix undefined behavior in ext4_fill_flex_info() (Lukas Czerner) [809690 809691] {CVE-2012-2100} - [kernel] sched_rt: Ignore RT queue throttling if idle task has RT policy (Igor Mammedov) [853950 843541] - [kernel] sched: Create special class for stop/migrate work (Igor Mammedov) [853950 843541] - [net] ipv6: fix overlap check for fragments (Amerigo Wang) [874550 819952] {CVE-2012-4444} - [net] ipv6: discard overlapping fragment (Jiri Pirko) [874550 819952] {CVE-2012-4444} [2.6.32-279.16.1.el6] - [lib] Fix rwsem to not hang the system (David Howells) [871854 852847] [2.6.32-279.15.1.el6] - [netdrv] mlx4: Re-design multicast attachments flow (Doug Ledford) [866795 859533] MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2100 CVE-2012-2375 CVE-2012-4444 CVE-2012-4565 CVE-2012-5517 Oracle Linux 5 Oracle Linux 6 [3.9.4-9] - Still more fixes to make test case for CVE-2012-5581 work on all platforms Resolves: #885310 [3.9.4-8] - Fix incomplete patch for CVE-2012-3401 - Add libtiff-tiffinfo-exif.patch so that our test case for CVE-2012-5581 works with pre-4.0.2 libtiff Resolves: #885310 [3.9.4-7] - Add fixes for CVE-2012-3401, CVE-2012-4447, CVE-2012-4564, CVE-2012-5581 Resolves: #885310 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-3401 CVE-2012-4447 CVE-2012-4564 CVE-2012-5581 Oracle Linux 5 Oracle Linux 6 [2.6.32-300.7.1.el6uek] - Revert "proc: enable writing to /proc/pid/mem" [orabug 13619701] {CVE-2012-0056} - [PATCH] x86, tsc: Skip TSC synchronization checks for tsc=reliable (Suresh Siddha) [2.6.32-300.6.1.el6uek] - tracing: Fix null pointer deref with SEND_SIG_FORCED (Oleg Nesterov) [orabug 13611655] [2.6.32-300.5.1.el6uek] - sched, x86: Avoid unnecessary overflow in sched_clock (Salman Qazi) [orabug 13604567] - [x86]: Don't resume/restore cpu if not of the expected cpu (Joe Jin) [orabug 13492670] - drm/i915: Rephrase pwrite bounds checking to avoid any potential overflow (Chris Wilson) [CVE-2010-296] - x2apic: Enable the bios request for x2apic optout (Suresh Siddha) [orabug 13565303] - fuse: split queues to scale I/O throughput (Srinivas Eeda) [orabug 10004611] - fuse: break fc spinlock (Srinivas Eeda) [orabug 10004611] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2010-2962 CVE-2012-0056 Oracle Linux 5 Oracle Linux 6 [2.6.32-300.11.1.el6uek] - [fs] xfs: Fix possible memory corruption in xfs_readlink (Carlos Maiolino) {CVE-2011-4077} - [scsi] increase qla2xxx firmware ready time-out (Joe Jin) - [scsi] qla2xxx: Module parameter to control use of async or sync port login (Joe Jin) - [net] tg3: Fix single-vector MSI-X code (Joe Jin) - [net] qlge: fix size of external list for TX address descriptors (Joe Jin) - [net] e1000e: Avoid wrong check on TX hang (Joe Jin) - crypto: ghash - Avoid null pointer dereference if no key is set (Nick Bowler) {CVE-2011-4081} - jbd/jbd2: validate sb->s_first in journal_get_superblock() (Eryu Guan) {CVE-2011-4132} - KVM: Device assignment permission checks (Joe Jin) {CVE-2011-4347} - KVM: x86: Prevent starting PIT timers in the absence of irqchip support (Jan Kiszka) {CVE-2011-4622} - xfs: validate acl count (Joe Jin) {CVE-2012-0038} - KVM: x86: fix missing checks in syscall emulation (Joe Jin) {CVE-2012-0045} - KVM: x86: extend 'struct x86_emulate_ops' with 'get_cpuid' (Joe Jin) {CVE-2012-0045} - igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Ben Hutchings) {CVE-2012-0207} - ipv4: correct IGMP behavior on v3 query during v2-compatibility mode (David Stevens) - fuse: fix fuse request unique id (Srinivas Eeda) [orabug 13816349] [2.6.32-300.10.1.el6uek] - net: remove extra register in ip_gre (Guru Anbalagane) [Orabug: 13633287] [2.6.32-300.9.1.el6uek] - [netdrv] fnic: return zero on fnic_reset() success (Joe Jin) - [e1000e] Add entropy generation back for network interrupts (John Sobecki) - [nfs4] LINUX CLIENT TREATS NFS4ERR_GRACE AS A PERMANENT ERROR [orabug 13476821] (John Sobecki) - [nfs] NFS CLIENT CONNECTS TO SERVER THEN DISCONNECTS [orabug 13516759] (John Sobecki) - [sunrpc] Add patch for a mount crash in __rpc_create_common [orabug 13322773] (John Sobecki) [2.6.32-300.8.1.el6uek] - SPEC: fix dependency on firmware/mkinitrd (Guru Anbalagane) [orabug 13637902] - xfs: fix acl count validation in xfs_acl_from_disk() (Dan Carpenter) - [SCSI] scsi_dh: check queuedata pointer before proceeding further (Moger Babu) [orabug 13615419] IMPORTANT Copyright 2012 Oracle, Inc. CVE-2011-4081 CVE-2011-4347 CVE-2012-0038 CVE-2012-0045 CVE-2012-0207 CVE-2011-4077 CVE-2011-4132 CVE-2011-4622 Oracle Linux 5 Oracle Linux 6 [2.6.32-300.21.1.el6uek] - regset: Return -EFAULT, not -EIO, on host-side memory fault (H. Peter Anvin) CVE-2012-1097 - regset: Prevent null pointer reference on readonly regsets (H. Peter Anvin) CVE-2012-1097 - cifs: fix dentry refcount leak when opening a FIFO on lookup (Jeff Layton) CVE-2012-1090 - block: Fix io_context leak after failure of clone with CLONE_IO (Louis Rilling) CVE-2012-0879 MODERATE Copyright 2012 Oracle, Inc. CVE-2012-0879 CVE-2012-1090 CVE-2012-1097 Oracle Linux 5 Oracle Linux 6 [2.6.39-100.6.1] - regset: Return -EFAULT, not -EIO, on host-side memory fault (H. Peter Anvin) {CVE-2012-1097} - regset: Prevent null pointer reference on readonly regsets (H. Peter Anvin) {CVE-2012-1097} - cifs: fix dentry refcount leak when opening a FIFO on lookup (Jeff Layton) {CVE-2012-1090} MODERATE Copyright 2012 Oracle, Inc. CVE-2012-1090 CVE-2012-1097 Oracle Linux 5 Oracle Linux 6 [2.6.39-100.7.1.el6uek] - KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Avi Kivity) [Bugdb: 13871] {CVE-2012-1601} - jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) [Bugdb: 13871] {CVE-2011-4086} MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4086 CVE-2012-1601 Oracle Linux 5 Oracle Linux 6 kernel-uek: [2.6.32-300.25.1.el6uek] - jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) [Bugdb: 13871] {CVE-2011-4086} MODERATE Copyright 2012 Oracle, Inc. CVE-2011-4086 Oracle Linux 5 Oracle Linux 6 kernel-uek: [2.6.32-300.27.1.el6uek] - net: sock: validate data_len before allocating skb (Jason Wang) [Bugdb: 13966]{CVE-2012-2136} - fcaps: clear the same personality flags as suid when fcaps are used (Eric Paris) [Bugdb: 13966] {CVE-2012-2123} - Revert 'nfs: when attempting to open a directory, fall back on normal lookup (Todd Vierling) [Orabug 14141154] [2.6.32-300.26.1.el6uek] - mptsas: do not call __mptsas_probe in kthread (Maxim Uvarov) [Orabug: 14175509] - mm: check if any page in a pageblock is reserved before marking it MIGRATE_RESERVE (Maxim Uvarov) [Orabug: 14073214] - mm: reduce the amount of work done when updating min_free_kbytes (Mel Gorman) [Orabug: 14073214] - vmxnet3: Updated to el6-u2 (Guangyu Sun) [Orabug: 14027961] - xen: expose host uuid via sysfs. (Zhigang Wang) - sched: Fix cgroup movement of waking process (Daisuke Nishimura) [Orabug: 13946210] - sched: Fix cgroup movement of newly created process (Daisuke Nishimura) [Orabug: 13946210] - sched: Fix cgroup movement of forking process (Daisuke Nishimura) [Orabug: 13946210] - x86, boot: Wait for boot cpu to show up if nr_cpus limit is about to hit (Zhenzhong Duan) [Orabug: 13629087] - smp: Use nr_cpus= to set nr_cpu_ids early (Zhenzhong Duan) [Orabug: 13629087] - net: ipv4: relax AF_INET check in bind() (Maxim Uvarov) [Orabug: 14054411] ofa-2.6.32-300.27.1.el6uek: [1.5.1-4.0.58] - Add Patch 158-169 IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-2136 CVE-2012-2123 Oracle Linux 5 Oracle Linux 6 [2.6.39-100.10.1.el6uek] - thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE (Andrea Arcangeli) [Orabug: 14217003] [2.6.39-100.9.1.el6uek] - mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race condition (Andrea Arcangeli) [Bugdb: 13966] {CVE-2012-2373} - mm: thp: fix pmd_bad() triggering in code paths holding mmap_sem read mode (Andrea Arcangeli) {CVE-2012-1179} - KVM: Fix buffer overflow in kvm_set_irq() (Avi Kivity) [Bugdb: 13966] {CVE-2012-2137} - net: sock: validate data_len before allocating skb in sock_alloc_send_pskb() (Jason Wang) [Bugdb: 13966] {CVE-2012-2136} - KVM: lock slots_lock around device assignment (Alex Williamson) [Bugdb: 13966] {CVE-2012-2121} - KVM: unmap pages from the iommu when slots are removed (Alex Williamson) [Bugdb: 13966] {CVE-2012-2121} - KVM: introduce kvm_for_each_memslot macro (Xiao Guangrong) [Bugdb: 13966] - fcaps: clear the same personality flags as suid when fcaps are used (Eric Paris) [Bugdb: 13966] {CVE-2012-2123} [2.6.39-100.8.1.el6uek] - net: ipv4: relax AF_INET check in bind() (Eric Dumazet) [Orabug: 14054411] IMPORTANT Copyright 2012 Oracle, Inc. Oracle Linux 5 Oracle Linux 6 [2.6.39-200.24.1.el5uek] - Revert 'Add Oracle VM guest messaging driver' (Guru Anbalagane) [Orabug: 14233627} [2.6.39-200.23.1.el5uek] - SPEC: add block/net modules to list used by installer (Guru Anbalagane) [Orabug: 14224837] [2.6.39-200.22.1.el5uek] - NFSv4: include bitmap in nfsv4 get acl data (Andy Adamson) {CVE-2011-4131} - ocfs2:btrfs: aio-dio-loop changes broke setrlimit behavior [orabug 14207636] (Dave Kleikamp) - Add Oracle VM guest messaging driver (Zhigang Wang) - thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE (Andrea Arcangeli) [Orabug: 14217003] [2.6.39-200.21.0.el5uek] - KVM: Fix buffer overflow in kvm_set_irq() (Avi Kivity) [Bugdb: 13966] {CVE-2012-2137} - net: sock: validate data_len before allocating skb in sock_alloc_send_pskb() (Jason Wang) [Bugdb: 13966] {CVE-2012-2136} - mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race condition (Andrea Arcangeli) [Bugdb: 13966] {CVE-2012-2373} - KVM: lock slots_lock around device assignment (Alex Williamson) [Bugdb: 13966] {CVE-2012-2121} - KVM: unmap pages from the iommu when slots are removed (Alex Williamson) [Bugdb: 13966] {CVE-2012-2121} - KVM: introduce kvm_for_each_memslot macro (Xiao Guangrong) [Bugdb: 13966] - fcaps: clear the same personality flags as suid when fcaps are used (Eric Paris) [Bugdb: 13966] {CVE-2012-2123} [2.6.39-200.20.0.el5uek] - Update lpfc version for 8.3.5.68.6p driver release (Martin K. Petersen) - Fix system hang due to bad protection module parameters (CR 130769) (Martin K. Petersen) - oracleasm: Data integrity support (Martin K. Petersen) - sd: Allow protection_type to be overridden (Martin K. Petersen) - SCSI: Fix two bugs in DIX retry handling (Martin K. Petersen) - sd: Avoid remapping bad reference tags (Martin K. Petersen) - block: Fix bad range check in bio_sector_offset (Martin K. Petersen) [2.6.39-200.19.0.el5uek] - xen/netback: Calculate the number of SKB slots required correctly (Simon Graham) [2.6.39-200.18.0.el5uek] - e1000e: disable rxhash when try to enable jumbo frame also rxhash and rxcsum have enabled (Joe Jin) [2.6.39-200.17.0.el5uek] - mm: reduce the amount of work done when updating min_free_kbytes (Mel Gorman) [Orabug: 14073214] - ocfs2: clear unaligned io flag when dio fails (Junxiao Bi) [Orabug: 14063941] - aio: make kiocb->private NUll in init_sync_kiocb() (Junxiao Bi) [Orabug: 14063941] - vmxnet3: cap copy length at size of skb to prevent dropped frames on tx (Neil Horman) [Orabug: 14159701] - mm/mempolicy.c: refix mbind_range() vma issue (KOSAKI Motohiro) [Orabug: 14149364] - mm/mempolicy.c: fix pgoff in mbind vma merge (Caspar Zhang) [Orabug:14149364] [2.6.39-200.16.0.el5uek] - xen/gntdev: Fix merge error. (Konrad Rzeszutek Wilk) [2.6.39-200.15.0.el5uek] - xen: expose host uuid via sysfs. (Zhigang Wang) [2.6.39-200.14.0.el5uek] - SPEC: upgrade preserve rhck as a boot kernel (Kevin Lyons) [Orabug: 14065209] - hxge: update driver to 1.3.4 (Maxim Uvarov) [Orabug: 14134149] - SPEC: v2.6.39-200.12.0 (Maxim Uvarov) - Revert 'bnx2x: correction to firmware interface' (Joe Jin) - cnic: fix bnx2fc_constants.h path (Maxim Uvarov) - bnx2x: PFC fix (Yaniv Rosner) - cnic: Fix parity error code conflict (Michael Chan) - bnx2x: Clear MDC/MDIO warning message (Yaniv Rosner) - bnx2x: Fix BCM578x0-SFI pre-emphasis settings (Yaniv Rosner) - bnx2x: Fix BCM57810-KR AN speed transition (Yaniv Rosner) - cnic: Re-init dev->stats_addr after chip reset (Michael Chan) - config: turn on CONFIG_HVC_XEN_FRONTEND (Maxim Uvarov) [Orabug: 14064174] - ixgbe: Dont set ip checksum if did not enable tso. (Joe Jin) - Revert 'x86, efi: Pass a minimal map to SetVirtualAddressMap()' (Maxim Uvarov) [Orabug: 14076004] - r8169: add firmware files (Joe Jin) - e1000e: fix build warning. (Joe Jin) - bnx2x: file build warning (Joe Jin) - 8139too: Add 64bit statistics (Junchang Wang) - net: export netdev_stats_to_stats64 (Eric Dumazet) - r8169: enable transmit time stamping. (Joe Jin) - r8169: stop using net_device.{base_addr, irq}. (Francois Romieu) - r8169: move the driver removal method to the end of the driver file. (Francois Romieu) - r8169: fix unsigned int wraparound with TSO (Julien Ducourthial) - 8139cp: set intr mask after its handler is registered (Jason Wang) - r8169: enable napi on resume. (Artem Savkov) - r8169: runtime resume before shutdown. (francois romieu) - r8169: add 64bit statistics. (Junchang Wang) - r8169: corrupted IP fragments fix for large mtu. (francois romieu) - r8169: spinlock redux. (Francois Romieu) - r8169: avoid a useless work scheduling. (Francois Romieu) - r8169: move task enable boolean to bitfield. (Francois Romieu) - r8169: bh locking redux and task scheduling. (Francois Romieu) - r8169: fix early queue wake-up. (Francois Romieu) - r8169: remove work from irq handler. (Joe Jin) - r8169: missing barriers. (Francois Romieu) - r8169: irq mask helpers. (Francois Romieu) - r8169: factor out IntrMask writes. (Francois Romieu) - r8169: stop delaying workqueue. (Francois Romieu) - r8169: remove rtl8169_reinit_task. (Francois Romieu) - r8169: remove hardcoded PCIe registers accesses. (Francois Romieu) - 8139cp: fix missing napi_gro_flush. (francois romieu) - 8139cp/8139too: do not read into reserved registers (Jason Wang) - r8169: fix Config2 MSIEnable bit setting. (francois romieu) - r8169: fix Rx index race between FIFO overflow recovery and NAPI handler. (francois romieu) - r8169: Rx FIFO overflow fixes. (francois romieu) - corral some wayward N/A fw_version dust bunnies (Rick Jones) - ethernet: Convert MAC_ADDR_LEN uses to ETH_ALEN (Joe Jin) - sweep the floors and convert some .get_drvinfo routines to strlcpy (Joe Jin) - r8169: check firmware content sooner. (Francois Romieu) - r8169: support new firmware format. (Hayes Wang) - r8169: explicit firmware format check. (Francois Romieu) - r8169: move the firmware down into the device private data. (Francois Romieu) - r8169: increase the delay parameter of pm_schedule_suspend (hayeswang) - r8169: fix wrong eee setting for rlt8111evl (hayeswang) - r8169: fix driver shutdown WoL regression. (francois romieu) - Add ethtool -g support to 8139cp (Rick Jones) - sc92031: use standard #defines from mii.h. (francois romieu) - r8169: jumbo fixes. (Francois Romieu) - r8169: expand received packet length indication. (Francois Romieu) - r8169: support new chips of RTL8111F (Hayes Wang) - r8169: do not enable the TBI for anything but the original 8169. (Francois Romieu) - r8169: remove erroneous processing of always set bit. (Francois Romieu) - r8169: fix WOL setting for 8105 and 8111evl (Hayes Wang) - r8169: add MODULE_FIRMWARE for the firmware of 8111evl (Hayes Wang) - r8169: fix the reset setting for 8111evl (Hayes Wang) - r8169: define the early size for 8111evl (Hayes Wang) - r8169: convert to SKB paged frag API. (Ian Campbell) - 8139cp: convert to SKB paged frag API. (Ian Campbell) - net: remove use of ndo_set_multicast_list in realtek drivers (Joe Jin) - r8169 : MAC address change fix for the 8168e-vl. (francois romieu) - r8169: use pci_dev->subsystem_{vendor|device} (Sergei Shtylyov) - r8169: fix sticky accepts packet bits in RxConfig. (Francois Romieu) - r8169: adjust the RxConfig settings. (Hayes Wang) - r8169: dont enable rx when shutdown. (Hayes Wang) - r8169: fix wake on lan setting for non-8111E. (Hayes Wang) - r8169: support RTL8111E-VL. (Hayes Wang) - r8169: add ERI functions. (Hayes Wang) - r8169: modify the flow of the hw reset. (Hayes Wang) - r8169: adjust some registers. (Hayes Wang) - r8169: remove unnecessary read of PCI_CAP_ID_EXP (Jon Mason) - ixgbevf: print MAC via printk format specifier (Danny Kukawka) - ixgbevf: Update copyright notices (Greg Rose) - ixgbevf: Fix mailbox interrupt ack bug (Greg Rose) - ixgbevf: make operations tables const (Stephen Hemminger) - ixgbevf: fix sparse warnings (Stephen Hemminger) - ixgbevf: make ethtool ops and strings const (Stephen Hemminger) - ixgbevf: Prevent possible race condition by checking for message (Greg Rose) - ixgbevf: Fix register defines to correctly handle complex expressions (Alexander Duyck) - ixgbevf: Update release version (Greg Rose) - ixgbevf: Fix broken trunk vlan (Greg Rose) - ixgbevf: convert to ndo_fix_features (Joe Jin) - ixgbevf: Check if EOP has changed before using it (Greg Rose) - ixgbe: Correct flag values set by ixgbe_fix_features (Joe Jin) - ixgbe: fix typo in enumeration name (Don Skidmore) - ixgbe: Add support for enabling UDP RSS via the ethtool rx-flow-hash command (Joe Jin) - ixgbe: Whitespace cleanups (Joe Jin) - ixgbe: Two minor fixes for RSS and FDIR set queues functions (Alexander Duyck) - ixgbe: drop err_eeprom tag which is at same location as err_sw_init (Alexander Duyck) - ixgbe: Move poll routine in order to improve readability (Alexander Duyck) - ixgbe: cleanup logic for the service timer and VF hang detection (Alexander Duyck) - ixgbe: Fix issues with SR-IOV loopback when flow control is disabled (Alexander Duyck) - ixgbe: Place skb on first buffer_info structure to avoid using stack space (Joe Jin) - ixgbe: Use packets to track Tx completions instead of a seperate value (Alexander Duyck) - ixgbe: Modify setup of descriptor flags to avoid conditional jumps (Alexander Duyck) - ixgbe: Make certain that all frames fit minimum size requirements (Alexander Duyck) - ixgbe: cleanup logic in ixgbe_change_mtu (Alexander Duyck) - ixgbe: dcb: use DCB config values for FCoE traffic class on open (John Fastabend) - ixgbe: Fix race condition where RX buffer could become corrupted. (Atita Shirwaikar) - ixgbe: use typed min/max functions where possible (Jesse Brandeburg) - ixgbe: fix obvious return value bug. (Don Skidmore) - ixgbe: Replace eitr_low and eitr_high with static values in ixgbe_update_itr (Alexander Duyck) - ixgbe: Do not disable read relaxed ordering when DCA is enabled (Alexander Duyck) - ixgbe: Simplify logic for ethtool loopback frame creation and testing (Alexander Duyck) - ixgbe: Add iterator for cycling through rings on a q_vector (Alexander Duyck) - ixgbe: Allocate rings as part of the q_vector (Alexander Duyck) - ixgbe: Drop unnecessary napi_schedule_prep and spare blank line from ixgbe_intr (Alexander Duyck) - ixgbe: Default to queue pairs when number of queues is less than CPUs (Alexander Duyck) - ixgbe: Correct Adaptive Interrupt Moderation so that it will change values (Alexander Duyck) - ixgbe: Address issues with Tx WHTRESH value not being set correctly (Alexander Duyck) - ixgbe: Reorder adapter contents for better cache utilization (Joe Jin) - ixgbe: Do no clear Tx status bits since eop_desc provides enough info (Alexander Duyck) - ixgbe: remove tie between NAPI work limits and interrupt moderation (Jeff Kirsher) - ixgbe: dcb: check setup_tc return codes (John Fastabend) - ixgbe: Fix comments that are out of date or formatted incorrectly (Alexander Duyck) - ixgbe: fix spelling errors (Don Skidmore) - ixgbe: Minor formatting and comment corrections for ixgbe_xmit_frame_ring (Alexander Duyck) - ixgbe: Combine post-DMA processing of sk_buff fields into single function (Alexander Duyck) - ixgbe: Drop the _ADV of descriptor macros since all ixgbe descriptors are ADV (Alexander Duyck) - ixgbe: Add function for testing status bits in Rx descriptor (Alexander Duyck) - ixgbe: Let the Rx buffer allocation clear status bits instead of cleanup (Joe Jin) - ixgbe: Address fact that RSC was not setting GSO size for incoming frames (Alexander Duyck) - ixgbe: Minor refactor of RSC (Alexander Duyck) - ixgbe: ethtool: stats user buffer overrun (John Fastabend) - ixgbe: dcb: up2tc mapping lost on disable/enable CEE DCB state (John Fastabend) - ixgbe: do not update real num queues when netdev is going away (Yi Zou) - ixgbe: Fix broken dependency on MAX_SKB_FRAGS being related to page size (Alexander Duyck) - ixgbe: Fix case of Tx Hang in PF with 32 VFs (Greg Rose) - ixgbe: fix vf lookup (Greg Rose) - ixgbe: Fix typo in ixgbe_common.h (Masanari Iida) - ixgbe: make ethtool strings table const (Stephen Hemminger) - ixgbe: Add warning when no space left for more MAC filters (Joe Jin) - ixgbe: update copyright to 2012 (Don Skidmore) - ixgbe: Add module parameter to allow untested and unsafe SFP+ modules (Peter P Waskiewicz Jr) - ixgbe: Fix register defines to correctly handle complex expressions (Alexander Duyck) - ixgbe: add support for new 82599 device. (Don Skidmore) - ixgbe: add support for new 82599 device id (Emil Tantilov) - ixgbe: add write flush in ixgbe_clock_out_i2c_byte() (Emil Tantilov) - ixgbe: fix typos (Stephen Hemminger) - ixgbe: fix incorrect PHY register reads (Emil Tantilov) - ixgbe: Remove function prototype for non-existent function (Greg Rose) - ixgbe: DCB: IEEE transitions may fail to reprogram hardware. (John Fastabend) - ixgbe: DCBnl set_all, order of operations fix (Joe Jin) - ixgbe: fix LED blink logic to check for link (Emil Tantilov) - ixgbe: Fix compile for kernel without CONFIG_PCI_IOV defined (Rose, Gregory V) - ixgbe: DCB, return max for IEEE traffic classes (John Fastabend) - ixgbe: fix reading of the buffer returned by the firmware (Emil Tantilov) - ixgbe: Fix compiler warnings (Greg Rose) - ixgbe: fix smatch splat due to missing NULL check (John Fastabend) - ixgbe: fix disabling of Tx laser at probe (Emil Tantilov) - ixgbe: Fix link issues caused by a reset while interface is down (Emil Tantilov) - ixgbe: change the eeprom version reported by ethtool (Emil Tantilov) - ixgbe: allow eeprom writes via ethtool (Emil Tantilov) - ixgbe: fix endianess when writing driver version to firmware (Emil Tantilov) - ixgbe: fix skb truesize underestimation (Eric Dumazet) - ixgbe: Correct check for change in FCoE priority (Mark Rustad) - ixgbe: Add FCoE DDP allocation failure counters to ethtool stats. (Amir Hanania) - ixgbe: Add protection from VF invalid target DMA (Greg Rose) - ixgbe: bump version number (Don Skidmore) - ixgbe: X540 devices RX PFC frames pause traffic even if disabled (John Fastabend) - ixgbe: DCB X540 devices support max traffic class of 4 (John Fastabend) - ixgbe: fixup hard dependencies on supporting 8 traffic classes (Joe Jin) - ixgbe: Fix PFC mask generation (Mark Rustad) - ixgbe: remove instances of ixgbe_phy_aq for 82598 and 82599 (Emil Tantilov) - ixgbe: get pauseparam autoneg (Mika Lansirinne) - ixgbe: do not disable flow control in ixgbe_check_mac_link (Emil Tantilov) - ixgbe: send MFLCN to ethtool (Emil Tantilov) - ixgbe: add support for new 82599 device (Emil Tantilov) - ixgbe: fix driver version initialization in firmware (Jacob Keller) - ixgbe: remove return code for functions that always return 0 (Emil Tantilov) - ixgbe: clear the data field in ixgbe_read_i2c_byte_generic (Emil Tantilov) - ixgbe: prevent link checks while resetting (Emil Tantilov) - ixgbe: add ECC warning for legacy interrupts (Don Skidmore) - ixgbe: cleanup ixgbe_setup_gpie() for X540 (Don Skidmore) - ixgbe add thermal sensor support for x540 hardware (Jacob Keller) - ixgbe: update {P}FC thresholds to account for X540 and loopback (John Fastabend) - ixgbe: disable LLI for FCoE (Vasu Dev) - ixgbe: Cleanup q_vector interrupt throttle rate logic (Emil Tantilov) - ixgbe: remove global reset to the MAC (Emil Tantilov) - ixgbe: add WOL support for X540 (Emil Tantilov) - ixgbe: avoid HW lockup when adapter is reset with Tx work pending (Emil Tantilov) - ixgbe: dcb, set priority to traffic class mappings (John Fastabend) - ixgbe: cleanup X540 interrupt enablement (Don Skidmore) - ixgbe: DCB, do not call set_state() from IEEE mode (Joe Jin) - ixgbe: Reconfigure SR-IOV Init (Greg Rose) - ixgbe: remove duplicate netif_tx_start_all_queues (Emil Tantilov) - ixgbe: fix FCRTL/H register dump for X540 (Emil Tantilov) - ixgbe: cleanup some register reads (Emil Tantilov) - ixgbe: Make better use of memory allocations in one-buffer mode w/ RSC (Alexander Duyck) - ixgbe: drop adapter from ixgbe_fso call documentation (Alexander Duyck) - ixgbe: Add SFP support for missed 82598 PHY (Alexander Duyck) - ixgbe: Add missing code for enabling overheat sensor interrupt (Alexander Duyck) - ixgbe: make ixgbe_up and ixgbe_up_complete void functions (Alexander Duyck) - v2 ixgbe: Update packet buffer reservation to correct fdir headroom size (Alexander Duyck) - ixgbe: remove redundant configuration of tx_sample_rate (Alexander Duyck) - ixgbe: Correctly name and handle MSI-X other interrupt (Alexander Duyck) - ixgbe: cleanup configuration of EITRSEL and VF reset path (Alexander Duyck) - ixgbe: cleanup reset paths (Alexander Duyck) - ixgbe: Update TXDCTL configuration to correctly handle WTHRESH (Alexander Duyck) - ixgbe: combine PCI_VDEVICE and board declaration to same line (Alexander Duyck) - ixgbe: Drop unnecessary adapter->hw dereference in loopback test setup (Alexander Duyck) - ixgbe: commonize ixgbe_map_rings_to_vectors to work for all interrupt types (Alexander Duyck) - ixgbe: Use ring->dev instead of adapter->pdev->dev when updating DCA (Alexander Duyck) - ixgbe: cleanup allocation and freeing of IRQ affinity hint (Alexander Duyck) - v2 ixgbe: consolidate all MSI-X ring interrupts and poll routines into one (Alexander Duyck) - ixgbe: Change default Tx work limit size to 256 buffers (Alexander Duyck) - ixgbe: clear RNBC only for 82598 (Emil Tantilov) - ixgbe: add check for supported modes (Emil Tantilov) - ixgbe: fix ixgbe_fc_autoneg_fiber bug (Don Skidmore) - ixgbe: cleanup feature flags in ixgbe_probe (Don Skidmore) - ixgbe: PFC not cleared on X540 devices (John Fastabend) - ixgbe: consolidate, setup for multiple traffic classes (John Fastabend) - ixgbe: remove unneeded fdir pb alloc case (John Fastabend) - ixgbe: fixup remaining call sites for arbitrary TCs (John Fastabend) - ixgbe: Always tag VLAN tagged packets (Alexander Duyck) - ixgbe: Add support for setting CC bit when SR-IOV is enabled (Alexander Duyck) - ixgbe: convert rings from q_vector bit indexed array to linked list (Alexander Duyck) - ixgbe: Simplify transmit cleanup path (Alexander Duyck) - ixgbe: Cleanup FCOE and VLAN handling in xmit_frame_ring (Alexander Duyck) - ixgbe: replace reference to CONFIG_FCOE with IXGBE_FCOE (Alexander Duyck) - ixgbe - DDP last user buffer - error to warn (Amir Hanania) - ixgbe: remove unused fcoe.tc field and fcoe_setapp() (John Fastabend) - ixgbe: complete FCoE initialization from setapp() routine (John Fastabend) - ixgbe: DCB, remove unneeded ixgbe_dcb_txq_to_tc() routine (John Fastabend) - ixgb: Remove unnecessary defines, use pr_debug (Joe Perches) - ixgb: finish conversion to ndo_fix_features (Michal Miroslaw) - ixgb: eliminate checkstack warnings (Jesse Brandeburg) - ixgb: convert to ndo_fix_features (Michal Miroslaw) - igbvf: fix the bug when initializing the igbvf (Samuel Liao) - rename dev_hw_addr_random and remove redundant second (Joe Jin) (Jeff Kirsher) - igbvf: Use ETH_ALEN (Joe Perches) - igbvf: reset netdevice addr_assign_type if changed (Danny Kukawka) - igbvf: refactor Interrupt Throttle Rate code (Mitch A Williams) - igbvf: change copyright date (Mitch A Williams) - igbvf: Remove unnecessary irq disable/enable (Joe Jin) - igbvf: remove unneeded cast (Stephen Hemminger) (Jeff Kirsher) - igbvf: Bump version number (Williams, Mitch A) - igbvf: Update module identification strings (Williams, Mitch A) - igbvf: fix truesize underestimation (Eric Dumazet) - igbvf: Fix trunk vlan (Greg Rose) - igbvf: convert to ndo_fix_features (Michal Miroslaw) - igb: fix rtnl race in PM resume path (Benjamin Poirier) - igb: fix warning about unused function (Emil Tantilov) - igb: fix vf lookup (Greg Rose) - igb: Update Copyright on all Intel copyrighted files. (Carolyn Wyborny) - igb: make local functions static (Stephen Hemminger) - igb: reset PHY after recovering from PHY power down (Koki Sanagi) - igb: add basic runtime PM support (Yan, Zheng) - igb: Add flow control advertising to ethtool setting. (Carolyn Wyborny) - igb: Update DMA Coalescing threshold calculation. (Matthew Vick) - igb: Convert bare printk to pr_notice (Joe Perches) (Jeff Kirsher) - igb: Fix for I347AT4 PHY cable length unit detection (Kantecki, Tomasz) - igb: VFTA Table Fix for i350 devices (Carolyn Wyborny) - igb: Move DMA Coalescing init code to separate function. (Carolyn Wyborny) - igb: Fix for Alt MAC Address feature on 82580 and later devices (Carolyn Wyborny) - igb: fix a compile warning (RongQing Li) - igb: Check if subordinate VFs are assigned to virtual machines (Greg Rose) - pci: Add flag indicating device has been assigned by KVM (Greg Rose) - igb: enable l4 timestamping for v2 event packets (Jacob Keller) - igb: fix skb truesize underestimation (Eric Dumazet) - igb: Version bump. (Carolyn Wyborny) - igb: Loopback functionality supports for i350 devices (Akeem G. Abodunrin) - igb: fix static function warnings reported by sparse (Emil Tantilov) - igb: Add workaround for byte swapped VLAN on i350 local traffic (Alexander Duyck) - igb: Drop unnecessary write of E1000_IMS from igb_msix_other (Alexander Duyck) - igb: Fix features that are currently 82580 only and should also be i350 (Alexander Duyck) - igb: Make certain one vector is always assigned in igb_request_irq (Alexander Duyck) - igb: avoid unnecessarily creating a local copy of the q_vector (Alexander Duyck) - igb: add support for NETIF_F_RXHASH (Alexander Duyck) - igb: move TX hang check flag into ring->flags (Alexander Duyck) - igb: fix recent VLAN changes that would leave VLANs disabled after reset (Alexander Duyck) - igb: leave staterr in place and instead us a helper function to check bits (Alexander Duyck) - igb: retire the RX_CSUM flag and use the netdev flag instead (Alexander Duyck) - igb: cleanup IVAR configuration (Alexander Duyck) - igb: Move ITR related data into work container within the q_vector (Alexander Duyck) - igb: Consolidate all of the ring feature flags into a single value (Alexander Duyck) - igb: avoid unnecessary conversions from u16 to int (Alexander Duyck) - igb: Use node specific allocations for the q_vectors and rings (Alexander Duyck) - igb: push data into first igb_tx_buffer sooner to reduce stack usage (Alexander Duyck) - igb: consolidate creation of Tx buffer info and data descriptor (Alexander Duyck) - igb: Combine all flag info fields into a single tx_flags structure (Alexander Duyck) - igb: Cleanup protocol handling in transmit path (Alexander Duyck) - igb: Create separate functions for generating cmd_type and olinfo (Alexander Duyck) - igb: Make first and tx_buffer_info->next_to_watch into pointers (Alexander Duyck) - igb: Consolidate creation of Tx context descriptors into a single function (Alexander Duyck) - intel: convert to SKB paged frag API. (Ian Campbell) - ixgbe: Refactor transmit map and cleanup routines (Alexander Duyck) - igb: split buffer_info into tx_buffer_info and rx_buffer_info (Alexander Duyck) - igb: Make Tx budget for NAPI user adjustable (Alexander Duyck) - igb: Alternate MAC Address Updates for Func2&3 (Akeem G. Abodunrin) - igb: Alternate MAC Address EEPROM Updates (Akeem G. Abodunrin) - igb: Code to prevent overwriting SFP I2C (Akeem G. Abodunrin) - igb: Remove multi_tx_table and simplify igb_xmit_frame (Alexander Duyck) - igb: drop the 'adv' off function names relating to descriptors (Joe Jin) - igb: Replace E1000_XX_DESC_ADV with IGB_XX_DESC (Alexander Duyck) - igb: Refactor clean_rx_irq to reduce overhead and improve performance (Alexander Duyck) - igb: update ring and adapter structure to improve performance (Alexander Duyck) - igb: streamline Rx buffer allocation and cleanup (Alexander Duyck) - igb: drop support for single buffer mode (Alexander Duyck) - igb: Update max_frame_size to account for an optional VLAN tag if present (Alexander Duyck) - igb: Update RXDCTL/TXDCTL configurations (Alexander Duyck) - igb: remove duplicated #include (Huang Weiyi) - igb: Fix for DH89xxCC near end loopback test (Robert Healy) - igb: do vlan cleanup (Jiri Pirko) - igb: Add support of SerDes Forced mode for certain hardware (Carolyn Wyborny) - igb: Update copyright on all igb driver files. (Carolyn Wyborny) - net: igb: Use is_multicast_ether_addr helper (Tobias Klauser) - igb: remove unnecessary reads of PCI_CAP_ID_EXP (Jon Mason) - igb: convert to ndo_fix_features (Michal Miroslaw) - igb: Change version to remove number after -k in kernel versions. (Carolyn Wyborny) - e1000e: Fix default interrupt throttle rate not set in NIC HW (Jeff Kirsher) - e1000e: MSI interrupt test failed, using legacy interrupt (Prasanna S Panchamukhi) - e1000e: issues in Sx on 82577/8/9 (Joe Jin) - e1000e: Guarantee descriptor writeback flush success. (Matthew Vick) - e1000e: prevent oops when adapter is being closed and reset simultaneously (Bruce Allan) - e1000e: use msleep instead of mdelay (Joe Jin) - e1000e: cleanup goto statements to exit points without common work (Bruce Allan) - e1000e: potentially incorrect return for e1000e_setup_fiber_serdes_link (Bruce Allan) - e1000e: potentially incorrect return for e1000_init_hw_ich8lan (Bruce Allan) - e1000e: cleanup: minor whitespace addition (insert blank line separator) (Bruce Allan) - e1000e: cleanup: remove unnecessary variable initializations (Bruce Allan) - e1000e: cleanup: remove unnecessary test and return (Bruce Allan) - e1000e: cleanup: remove unnecessary variable ret_val (Bruce Allan) - e1000e: cleanup: remove unreachable statement (Bruce Allan) - e1000e: potentially incorrect return for e1000_set_d3_lplu_state_ich8lan (Bruce Allan) - e1000e: cleanup: always return 0 (Bruce Allan) - e1000e: cleanup: remove unnecessary assignments just before returning (Bruce Allan) - e1000e: potential incorrect return for e1000_setup_copper_link_80003es2lan (Bruce Allan) - e1000e: potentially incorrect return for e1000_cfg_kmrn_10_100_80003es2lan (Bruce Allan) - e1000e: cleanup: rename goto labels to be more meaningful (Bruce Allan) - e1000e: cleanup: use goto for common work needed by multiple exit points (Bruce Allan) - e1000e: replace '1' with 'true' for boolean get_link_status (Bruce Allan) - e1000e: pass pointer to hw struct for e1000_init_mac_params_XXX() (Bruce Allan) - e1000e: use true/false for bool autoneg_false (Bruce Allan) - e1000e: remove unnecessary parentheses (Bruce Allan) - e1000e: remove unnecessary returns from void functions (Bruce Allan) - e1000e: remove test that is always false (Bruce Allan) - e1000e: WoL fails on device ID 0x1501 (Joe Jin) - e1000e: WoL can fail on 82578DM (Bruce Allan) - e1000e: remove redundant reverse dependency on CRC32 (Bruce Allan) - e1000e: minor whitespace and indentation cleanup (Bruce Allan) - e1000e: fix sparse warnings with -D__CHECK_ENDIAN__ (Bruce Allan) - e1000e: fix checkpatch warning from MINMAX test (Bruce Allan) - e1000e: cleanup - use braces in both branches of a conditional statement (Bruce Allan) - e1000e: cleanup e1000_set_phys_id (Bruce Allan) - e1000e: cleanup e1000_init_mac_params_82571() (Bruce Allan) - e1000e: cleanup e1000_init_mac_params_80003es2lan() (Bruce Allan) - e1000e: rename es2lan.c to 80003es2lan.c (Joe Jin) - e1000e: cleanup - check return values consistently (Bruce Allan) - e1000e: add missing initializers reported when compiling with W=1 (Bruce Allan) - e1000e: update copyright year (Bruce Allan) - e1000e: split lib.c into three more-appropriate files (Bruce Allan) - e1000e: call er16flash() instead of __er16flash() (Bruce Allan) - e1000e: increase version number (Joe Jin) - e1000e: convert final strncpy() to strlcpy() (Bruce Allan) - e1000e: concatenate long debug strings which span multiple lines (Bruce Allan) - e1000e: conditionally restart autoneg on 82577/8/9 when setting LPLU state (Bruce Allan) - e1000e: increase Rx PBA to prevent dropping received packets on 82566/82567 (Bruce Allan) - e1000e: ICHx/PCHx LOMs should use LPLU setting in NVM when going to Sx (Joe Jin) - e1000e: update workaround for 82579 intermittently disabled during S0->Sx (Bruce Allan) - e1000e: disable Early Receive DMA on ICH LOMs (Bruce Allan) - e1000e: Need to include vmalloc.h (David S. Miller) - e1000e: 82574/82583 Tx hang workaround (Bruce Allan) - e1000e: use hardware default values for Transmit Control register (Bruce Allan) - e1000e: use default settings for Tx Inter Packet Gap timer (Bruce Allan) - e1000e: 82579: workaround for link drop issue (Bruce Allan) - e1000e: always set transmit descriptor control registers the same (Bruce Allan) - e1000e: re-factor ethtool get/set ring parameter (Bruce Allan) - e1000e: pass pointer to ring struct instead of adapter struct (Joe Jin) - e1000e: add Receive Packet Steering (RPS) support (Joe Jin) - e1000e: convert to netdev features/hw_features API (Joe Jin) - e1000e: cleanup Rx checksum offload code (Bruce Allan) - e1000e: convert head, tail and itr_register offsets to __iomem pointers (Bruce Allan) - e1000e: re-enable alternate MAC address for all devices which support it (Bruce Allan) - e1000e: default IntMode based on kernel config & available hardware support (Bruce Allan) - e1000e: convert to real ndo_set_rx_mode (Joe Jin) - net: introduce IFF_UNICAST_FLT private flag (Joe Jin) - e1000e: remove use of ndo_set_multicast_list in drivers (Joe Jin) (Jeff Kirsher) - e1000e: demote a debugging WARN to a debug log message (Bruce Allan) - e1000e: fix skb truesize underestimation (Eric Dumazet) - e1000e: locking bug introduced by commit 67fd4fcb (Bruce Allan) - e1000e: bad short packets received when jumbos enabled on 82579 (Bruce Allan) - e1000e: convert driver to use extended descriptors (Joe Jin) - drivers/net: Add module.h to drivers who were implicitly using it (Joe Jin) - e1000e: hitting BUG_ON() from napi_enable (Bruce Allan) - e1000: Silence sparse warnings by correcting type (Andrei Emeltchenko) - v2 e1000: Neaten e1000_dump function (Tushar Dave) - e1000: Neaten e1000_config_dsp_after_link_change (Joe Perches) - e1000: fix vlan processing regression (Joe Jin) - e1000: Remove unnecessary k.alloc/v.alloc OOM messages (Joe Jin) - e1000: add dropped DMA receive enable back in for WoL (Dean Nelson) - e1000: Adding e1000_dump function (Tushar Dave) - e1000: dont enable dma receives until after dma address has been setup (Dean Nelson) - e1000: save skb counts in TX to avoid cache misses (Dean Nelson) - e1000: cleanup CE4100 MDIO registers access (Florian Fainelli) - e1000: unmap ce4100_gbe_mdio_base_virt in e1000_remove (Florian Fainelli) - e1000: fix lockdep splat in shutdown handler (Jesse Brandeburg) - e1000e/ixgb: fix assignment of 0/1 to bool variables. (Joe Jin) - intel: Convert <FOO>_LENGTH_OF_ADDRESS to ETH_ALEN (Joe Perches) - e1000: fix skb truesize underestimation (Eric Dumazet) - e1000: convert to private mutex from rtnl (Jesse Brandeburg) - e1000: convert mdelay to msleep (Jesse Brandeburg) - e1000: convert hardware management from timers to threads (Jesse Brandeburg) - e100: Remove alloc_etherdev error messages (Joe Jin) - net: Remove Intel NICs unnecessary driver assignments of ethtool_ringparam fields to zero (Joe Jin) - e100: Show short v/s long rx length errors in ethtool stats. (Ben Greear) - e100: Fix rx-over-length statistics. (Ben Greear) - e100: make sure vlan support isnt advertised on old adapters (Jesse Brandeburg) - 8139cp: properly config rx mode after resuming (Jason Wang) - bnx2x: add bnx2x firmware 7.2.16 (Joe Jin) - bnx2fc: Remove bh disable in softirq context (Neil Horman) - bnx2fc: HSI dependent changes for 7.2.xx FW (Bhanu Prakash Gollapudi) - bnx2fc: Bumped version to 1.0.10 (Bhanu Prakash Gollapudi) - bnx2fc: NPIV ports go offline when interface is brought down & up (Bhanu Prakash Gollapudi) - bnx2fc: Handle LOGO flooding from the target (Bhanu Prakash Gollapudi) - bnx2fc: fix panic in bnx2fc_post_io_req (Bhanu Prakash Gollapudi) - bnx2fc: Bumped version to 1.0.9 (Bhanu Prakash Gollapudi) - bnx2fc: Handle SRR LS_ACC drop scenario (Bhanu Prakash Gollapudi) - bnx2fc: Handle ABTS timeout during ulp timeout (Bhanu Prakash Gollapudi) - bnx2fc: Bumped version to 1.0.8 (Bhanu Prakash Gollapudi) - bnx2fc: Return error statistics of remote peer (Bhanu Prakash Gollapudi) - bnx2fc: call ctlr_link_up only when the interface is enabled (Bhanu Prakash Gollapudi) - bnx2fc: Bumped version to 1.0.7 (Bhanu Prakash Gollapudi) - bnx2fc: Handle bnx2fc_map_sg failure (Bhanu Prakash Gollapudi) - bnx2fc: Replace scsi_dma_map() with dma_map_sg(). (Bhanu Prakash Gollapudi) - bnx2fc: Bumped version to 1.0.6 (Bhanu Prakash Gollapudi) - bnx2fc: Fix FW assert during RSCN stress tests (Bhanu Prakash Gollapudi) - bnx2fc: Fix panic caused because of incorrect errror handling in create(). (Bhanu Prakash Gollapudi) - bnx2fc: Avoid calling bnx2fc_if_destroy with unnecessary locks (Bhanu Prakash Gollapudi) - bnx2fc: Validate vlan id in NETDEV_UNREGISTER handler (Nithin Nayak Sujir) - bnx2fc: No abort issued for REC when it times out (Bhanu Prakash Gollapudi) - bnx2fc: Send solicitation only after vlan discovery is complete (Bhanu Prakash Gollapudi) - bnx2fc: Reset max receive frame size during link up (Bhanu Prakash Gollapudi) - bnx2fc: Need not schedule destroy_work from __bnx2fc_destroy (Bhanu Prakash Gollapudi) - bnx2fc: Bump version to 1.0.5 (Bhanu Prakash Gollapudi) - bnx2fc: Prevent creating of NPIV port with duplicate WWN (Bhanu Prakash Gollapudi) - bnx2fc: Obtain WWNN/WWPN from the shared memory (Bhanu Prakash Gollapudi) - [SCSI] fcoe,libfcoe: Move common code for fcoe_get_lesb to fcoe_transport (Bhanu Prakash Gollapudi) - [SCSI] fcoe: Move common functions to fcoe_transport library (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: Drop incoming ABTS (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: code cleanup in bnx2fc_offload_session (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: Fix NULL pointer deref during arm_cq. (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: IO errors when receiving unsolicited LOGO (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: Do not reuse the fcoe connection id immediately (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: Clear DESTROY_CMPL flag after firmware destroy (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: Handle NETDEV_UNREGISTER for vlan devices (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: Reorganize cleanup code between interface_cleanup and if_destory (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: Change function names of bnx2fc_netdev_setup/bnx2fc_netdev_cleanup (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: Do not attempt destroying NPIV port twice (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: Remove erroneous kref_get on IO request (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: Enable bsg_request support for bnx2fc (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: Bug fixes in percpu_thread_create/destroy (Bhanu Prakash Gollapudi) - [SCSI] bnx2fc: Reset the max receive frame size (Bhanu Prakash Gollapudi) - [SCSI] bnx2i: Fixed the override of the error_mask module param (Eddie Wai) - [SCSI] bnx2i: use kthread_create_on_node() (Eric Dumazet) - [SCSI] bnx2i: Fixed kernel panic caused by unprotected task->sc->request deref (Eddie Wai) - [SCSI] bnx2i: Fixed the endian on TTT for NOP out transmission (Eddie Wai) - [SCSI] bnx2i: Fixed kernel panic due to illegal usage of sc->request->cpu (Eddie Wai) - cnic: Fix select dependencies in bnx2fc/bnx2i Kconfig. (David S. Miller) - bnx2x: Fix 578xx link LED (Yaniv Rosner) - bnx2x: Enable FEC for 57810-KR (Yaniv Rosner) - bnx2x: disable dcb on 578xx since not supported yet (Dmitry Kravkov) - bnx2x: decrease print level to debug (Dmitry Kravkov) - bnx2x: fix BRB thresholds for dropless_fc mode (Dmitry Kravkov) - bnx2x: fix cl_id allocation for non-eth clients for NPAR mode (Dmitry Kravkov) - bnx2x: Fix for a host coalescing bug which impared latency. (Ariel Elior) - bnx2x: fix select_queue when FCoE is disabled (Vladislav Zolotarov) - bnx2x: fix WOL by enablement PME in config space (Dmitry Kravkov) - bnx2x: Fix XMAC loopback test (Yaniv Rosner) - bnx2x: init FCOE FP only once (Vladislav Zolotarov) - bnx2x: Remove fiber remote fault detection (Yaniv Rosner) - cnic: update for FW 7.2.xx (Michael Chan) - bnx2x: correction to firmware interface (Yuval Mintz) - bnx2x: fix vector traveling while looking for an empty entry (Dmitry Kravkov) - bnx2x: mark functions as loaded on shared memory (Yuval Mintz) - bnx2x: fix memory leak in bnx2x_init_firmware() (Michal Schmidt) - bnx2x: fix a crash on corrupt firmware file (Michal Schmidt) - bnx2x: make bnx2x_close() static again (Michal Schmidt) - bnx2x: removed code re-checking memory base after device open (Mintz Yuval) - bnx2x: allow BCM84833 phy to advertise 100Base-T speeds (Mintz Yuval) - bnx2x: notify cnic of address of info-to-the-mcp (Mintz Yuval) - bnx2x: allocate smaller Rx rings for 1G functions (Mintz Yuval) - bnx2x: allocate memory dynamically in ethtool self-test. (Merav Sicron) - bnx2x: force 10G on 84833 phy should be autoneg with only 10G advertised (Yaniv Rosner) - bnx2x: added autoneg-restart after link advertisement changes (Yaniv Rosner) - bnx2x: ethtool publishes link partners speed and FC (Mintz Yuval) - bnx2x: half duplex support added for several boards (Yaniv Rosner) - bnx2x: remove the 'poll' module option (Michal Schmidt) - bnx2x: fix bnx2x_storm_stats_update() on big endian (Eric Dumazet) - bnx2x: Fix mem leak in bnx2x_tpa_stop() if build_skb() fails. (Jesper Juhl) - bnx2x: Update version to 1.72.0 and copyrights (Ariel Elior) - bnx2x: Recoverable and unrecoverable error statistics (Ariel Elior) - bnx2x: Recovery flow bug fixes (Ariel Elior) - bnx2x: init fw_seq after undi_unload is done (Dmitry Kravkov) - bnx2x: Track active PFs with bitmap (Ariel Elior) - bnx2x: Lock PF-common resources (Ariel Elior) - bnx2x: dont reset device while reading its configuration. (Dmitry Kravkov) - bnx2x: Loaded Firmware Version Validation (Ariel Elior) - bnx2x: Function Level Reset Final Cleanup (Ariel Elior) - bnx2x: Obtain Bus Device Function from register (Ariel Elior) - bnx2x: Removing indirect register access (Ariel Elior) - bnx2x: Support Queue Per Cos in 5771xx devices (Ariel Elior) - bnx2x: Remove 100Mb force speed for BCM84833 (Yaniv Rosner) - bnx2x: Fix ethtool advertisement (Yaniv Rosner) - bnx2x: unlock before returning an error (Dan Carpenter) - bnx2x: fix compilation error with SOE in fw_dump (Yuval Mintz) - bnx2x: handle CHIP_REVISION during init_one (Ariel Elior) - bnx2x: dont access removed registers on 57712 and above (Dmitry Kravkov) - bnx2x: properly clean indirect addresses (Dmitry Kravkov) - bnx2x: allow user to change ring size in ISCSI SD mode (Dmitry Kravkov) - bnx2x: fix Big-Endianess in ethtool -t (Dmitry Kravkov) - bnx2x: fixed ethtool statistics for MF modes (Yuval Mintz) - bnx2x: credit-leakage fixup on vlan_mac_del_all (Yuval Mintz) - bnx2x: Disable AN KR work-around for BCM57810 (Yaniv Rosner) - bnx2x: Remove AutoGrEEEn for BCM84833 (Yaniv Rosner) - bnx2x: Fix PFC setting on BCM57840 (Yaniv Rosner) - bnx2x: Fix Super-Isolate mode for BCM84833 (Yaniv Rosner) - bnx2x: handle vpd data longer than 128 bytes (Barak Witkowski) - bnx2x: properly update skb when mtu > 1500 (Dmitry Kravkov) - bnx2x: properly initialize L5 features (Joe Jin) - bnx2x: fix typo in fcoe stats collection (Barak Witkowski) - bnx2x: Fix compile errors if CONFIG_CNIC is not set (Michael Chan) - bnx2x, cnic: support DRV_INFO upon FW request (Barak Witkowski) - bnx2x: support classification config query (Ariel Elior) - bnx2x: add fcoe statistics (Barak Witkowski) - bnx2x: add PFC statistics (Barak Witkowski) - bnx2x: Use kcalloc instead of kzalloc to allocate array (Thomas Meyer) - bnx2x: handle iSCSI SD mode (Dmitry Kravkov) - bnx2x: fix rx ring size report (Vladislav Zolotarov) - bnx2x: Change value comparison order (Yaniv Rosner) - bnx2x: Cosmetic changes (Yaniv Rosner) - bnx2x: Fix self test of BCM57800 (Yaniv Rosner) - bnx2x: Add known PHY type check (Yaniv Rosner) - bnx2x: Change Warpcore MDIO work around mode (Yaniv Rosner) - bnx2x: Fix BCM84833 link and LED behavior (Yaniv Rosner) - bnx2x: Warpcore HW reset following fan failure (Yaniv Rosner) - bnx2x: ETS changes (Yaniv Rosner) - bnx2x: Fix ETS bandwidth (Yaniv Rosner) - bnx2x: PFC changes (Yaniv Rosner) - bnx2x: Fix 5461x LED (Yaniv Rosner) - bnx2x: cache-in compressed fw image (Dmitry Kravkov) - bnx2x: add endline at end of message (Dmitry Kravkov) - bnx2x: uses build_skb() in receive path (Eric Dumazet) - net: introduce build_skb() (Eric Dumazet) - net: more accurate skb truesize (Eric Dumazet) - bnx2x: update driver version to 1.70.35-0 (Dmitry Kravkov) - bnx2x: Remove on-stack napi struct variable (Ariel Elior) - bnx2x: prevent race in statistics flow (Dmitry Kravkov) - bnx2x: add fan failure event handling (Ariel Elior) - bnx2x: remove unused #define (Dmitry Kravkov) - bnx2x: simplify definition of RX_SGE_MASK_LEN and use it. (Dmitry Kravkov) - bnx2x: propagate DCBX negotiation (Dmitry Kravkov) - bnx2x: fix MF for 4-port devices (Dmitry Kravkov) - bnx2x: DCBX: use #define instead of magic (Dmitry Kravkov) - bnx2x: separate FCoE and iSCSI license initialization. (Joe Jin) - bnx2x: remove unused variable (Dmitry Kravkov) - bnx2x: use rx_queue index for skb_record_rx_queue() (Dmitry Kravkov) - bnx2x: allow FCoE and DCB for 578xx (Joe Jin) - bnx2x: update driver version to 1.70.30-0 (Dmitry Kravkov) - bnx2x: use FW 7.0.29.0 (Dmitry Kravkov) - bnx2x: add bnx2x FW 7.0.29 (Joe Jin) - bnx2x: Enable changing speed when port type is PORT_DA (Yaniv Rosner) - bnx2x: Fix 54618se LED behavior (Yaniv Rosner) - bnx2x: Fix RX/TX problem caused by the MAC layer (Yaniv Rosner) - bnx2x: Add link retry to 578xx-KR (Yaniv Rosner) - bnx2x: Fix LED blink rate for 578xx (Yaniv Rosner) - bnx2x: fix skb truesize underestimation (Eric Dumazet) - bnx2x: remove some dead code (Dan Carpenter) - bnx2x: Fix build error (Dmitry Kravkov) - bnx2x: Add new PHY BCM54616 (Yaniv Rosner) - bnx2x: resurrect RX hashing (Joe Jin) - bnx2x: convert to SKB paged frag API. (Ian Campbell) - net: add APIs for manipulating skb page fragments. (Ian Campbell) - bnx2x: Use pr_fmt and message logging cleanups (Joe Jin) - bnx2x: Coalesce pr_cont uses and fix DP typos (Joe Perches) - bnx2x: Remove local defines for %pM and mac address (Joe Perches) - bnx2x: Clear MDIO access warning during first driver load (Yaniv Rosner) - bnx2x: Fix BCM578xx MAC test (Yaniv Rosner) - bnx2x: Fix BCM54618se invalid link indication (Yaniv Rosner) - bnx2x: Fix BCM84833 link (Yaniv Rosner) - bnx2x: Fix link issue with DAC over 578xx (Yaniv Rosner) - bnx2x: Fix LED behavior (Yaniv Rosner) - bnx2x: Fix BCM578xx-B0 MDIO access (Yaniv Rosner) - bnx2x: Fix remote fault handling (Yaniv Rosner) - bnx2x: Fix chip hanging due to TX pipe stall. (Yaniv Rosner) - bnx2x: Fix missing pause on for 578xx (Yaniv Rosner) - bnx2x: Prevent restarting Tx during bnx2x_nic_unload (Vladislav Zolotarov) - bnx2x: use pci_pcie_cap() (Vladislav Zolotarov) - bnx2x: fix bnx2x_stop_on_error flow in bnx2x_sp_rtnl_task (Vladislav Zolotarov) - bnx2x: enable internal target-read for 57712 and up only (Shmulik Ravid) - bnx2x: count statistic ramrods on EQ to prevent MC assert (Vladislav Zolotarov) - bnx2x: fix loopback for non 10G link (Yaniv Rosner) - bnx2x: dcb - send all unmapped priorities to same COS as L2 (Dmitry Kravkov) - bnx2x: Broken self-test in SF mode on 578xx (Vladislav Zolotarov) - bnx2x: Parity errors recovery for 578xx (Vladislav Zolotarov) - bnx2x: Read FIP mac from SHMEM in single function mode (Vladislav Zolotarov) - bnx2x: Fixed ethtool -d for 578xx (Vladislav Zolotarov) - bnx2x: disable FCoE for 578xx devices since not yet supported (Dmitry Kravkov) - bnx2x: fix memory barriers (Vladislav Zolotarov) - bnx2x: use BNX2X_Q_FLG_TPA_IPV6 for TPA queue configuration (Vladislav Zolotarov) - bnx2x: disable loacal BH when scheduling FCOE napi (Vladislav Zolotarov) - bnx2x: fix MB index for 4-port devices (Dmitry Kravkov) - bnx2x: DCB rework (Dmitry Kravkov) - bnx2x: remove unnecessary dma_sync (Vladislav Zolotarov) - bnx2x: stop tx before CNIC_STOP (Vladislav Zolotarov) - bnx2x: add missing command in error handling flow (Dmitry Kravkov) - bnx2x: use correct dma_sync function (Vladislav Zolotarov) - bnx2x: Fix compilation when CNIC is not selected in config (Dmitry Kravkov) - bnx2x: Multiple concurrent l2 traffic classes (Ariel Elior) - bnx2x: Renaming the 'reset_task' to 'sp_rtnl_task' (Ariel Elior) - bnx2x: Add dcbnl notification (Shmulik Ravid) - dcbnl: Add CEE notification (Shmulik Ravid) - dcbnl: Aggregated CEE GET operation (Shmulik Ravid) - dcb: use nlmsg_free() instead of kfree() (Dan Carpenter) - dcb: Add missing error check in dcb_ieee_set() (John Fastabend) - dcb: fix return type on dcb_setapp() (John Fastabend) - dcb: Add dcb_ieee_getapp_mask() for drivers to query APP settings (John Fastabend) - dcb: Add ieee_dcb_delapp() and dcb op to delete app entry (Joe Jin) - dcb: Add ieee_dcb_setapp() to be used for IEEE 802.1Qaz APP data (John Fastabend) - net: dcbnl, add multicast group for DCB (John Fastabend) - dcb: Add DCBX capabilities bitmask to the get_ieee response (John Fastabend) - bnx2x: Fix warning message during 57712/8727 initialization (Yaniv Rosner) - bnx2x: Add autogrEEEn support (Yaniv Rosner) - bnx2x: Fix BCM84833 initialization (Yaniv Rosner) - bnx2x: Fix false link indication at link partner when DAC is used (Yaniv Rosner) - bnx2x: Reset PHY due to fan failure for 578xx (Yaniv Rosner) - bnx2x: Add CL37 BAM for Warpcore (Yaniv Rosner) - bnx2x: Change BCM54616S to BCM54618SE (Yaniv Rosner) - bnx2x: PFC fixes (Yaniv Rosner) - bnx2x: remove unnecessary read of PCI_CAP_ID_EXP (Jon Mason) - cnic: Update VLAN ID during ISCSI_UEVENT_PATH_UPDATE (Eddie Wai) - cnic: set error flag when iSCSI connection fails (Jeffrey Huang) - cnic: Add FCoE parity error recovery (Michael Chan) - cnic: Improve error recovery on bnx2x devices (Michael Chan) - cnic: Add timeout for ramrod replies. (Michael Chan) - cnic, bnx2fc: Increase maximum FCoE sessions. (Michael Chan) - bnx2: Update driver to use new mips firmware. (Joe Jin) - bnx2: Add missing memory barrier in bnx2_start_xmit() (Joe Jin) - bnx2: Add support for ethtool --show-channels|--set-channels (Michael Chan) - bnx2: fix skb truesize underestimation (Eric Dumazet) - bnx2: dont request firmware when theres no userspace. (francois romieu) - tg3: Avoid panic from reserved statblk field access (Matt Carlson) - tg3: Use mii_advertise_flowctrl (Matt Carlson) - tg3: Fix advertisement handling (Joe Jin) - tg3: Add 57766 ASIC rev support (Matt Carlson) - tg3: Make the TX BD DMA limit configurable (Matt Carlson) - tg3: Track LP advertising (Matt Carlson) - tg3: Integrate flowctrl check into AN adv check (Joe Jin) - net: Change mii to ethtool advertisement function names (Matt Carlson) - net: Add ethtool to mii advertisment conversion helpers (Joe Jin) - tg3: fix ipv6 header length computation (Eric Dumazet) - tg3: Break out RSS indir table init and assignment (Matt Carlson) - tg3: Update version to 3.122 (Matt Carlson) - tg3: Return flowctrl config through ethtool (Matt Carlson) - tg3: Save stats across chip resets (Matt Carlson) - tg3: Remove ethtool stats member from dev struct (Matt Carlson) - tg3: Scale back code that modifies MRRS (Matt Carlson) - tg3: Fix TSO CAP for 5704 devs w / ASF enabled (Matt Carlson) - tg3: Add MDI-X reporting (Matt Carlson) - tg3: Restrict large prod ring cap devices (Matt Carlson) - tg3: Adjust BD replenish thresholds (Matt Carlson) - tg3: Make 1000Base-X FC resolution look like 1000T (Matt Carlson) - tg3: Update version to 3.121 (Matt Carlson) - tg3: Eliminate timer race with reset_task (Matt Carlson) - tg3: Schedule at most one tg3_reset_task run (Joe Jin) - tg3: Obtain PCI function number from device (Matt Carlson) - tg3: Fix irq alloc error cleanup path (Matt Carlson) - tg3: Fix 4k skb error recovery path (Matt Carlson) - tg3: Fix 4k tx bd segmentation code (Joe Jin) - tg3: Fix APE mutex init and use (Matt Carlson) - tg3: add tx_dropped counter (Joe Jin) - tg3: fix tigon3_dma_hwbug_workaround() (Eric Dumazet) - tg3: Remove unnecessary driver assignments of ethtool_ringparam fields to zero (Joe Jin) - tg3: Code movement (Matt Carlson) - tg3: Eliminate tg3_halt_cpu() prototype (Matt Carlson) - tg3: Eliminate tg3_write_sig_post_reset() prototype (Matt Carlson) - tg3: Eliminate tg3_stop_fw() prototype (Matt Carlson) - tg3: Remove tp->rx_offset term when unneeded (Matt Carlson) - tg3: Fix missed MSI workaround (Matt Carlson) - tg3: Workaround tagged status update bug (Matt Carlson) - tg3: Add ability to turn off 1shot MSI (Matt Carlson) - tg3: Check all adv bits when checking config (Matt Carlson) - tg3: Update version to 3.120 (Matt Carlson) - tg3: Add external loopback support to selftest (Matt Carlson) - net: add external loopback test in ethtool self test (Amit Kumar Salecha) - tg3: Restructure tg3_test_loopback (Matt Carlson) - tg3: Pull phy int lpbk setup into separate func (Matt Carlson) - tg3: Consilidate MAC loopback code (Matt Carlson) - tg3: Remove dead code (Matt Carlson) - tg3: Remove 5719 jumbo frames and TSO blocks (Matt Carlson) - tg3: Break larger frags into 4k chunks for 5719 (Matt Carlson) - tg3: Add tx BD budgeting code (Matt Carlson) - tg3: Consolidate code that calls tg3_tx_set_bd() (Matt Carlson) - tg3: Add partial fragment unmapping code (Matt Carlson) - tg3: Generalize tg3_skb_error_unmap() (Matt Carlson) - tg3: Remove short DMA check for 1st fragment (Matt Carlson) - tg3: Simplify tx bd assignments (Matt Carlson) - tg3: Reintroduce tg3_tx_ring_info (Matt Carlson) - tg3: Fix NVRAM selftest failures for 5720 devs (Matt Carlson) - tg3: Add more selfboot formats to NVRAM selftest (Matt Carlson) - tg3: Return size from tg3_vpd_readblock() (Matt Carlson) - tg3: Fix RSS indirection table distribution (Matt Carlson) - tg3: Fix link down notify failure when EEE disabled (Matt Carlson) - tg3: Fix link flap at 100Mbps with EEE enabled (Matt Carlson) - tg3: Match power source to driver state (Matt Carlson) - tg3: Add function status reporting (Matt Carlson) - tg3: Create critical section around GPIO toggling (Matt Carlson) - tg3: Determine PCI function number in one place (Matt Carlson) - tg3: Check transitions to D0 power state (Matt Carlson) - tg3: Create funcs for power source switching (Matt Carlson) - tg3: Move power state transitions to init_one (Matt Carlson) - tg3: Detect APE enabled devs earlier (Matt Carlson) - tg3: remove unnecessary read of PCI_CAP_ID_EXP (Jon Mason) - tg3: Migrate phy preprocessor defs to system defs (Matt Carlson) - tg3: Show flowctrl settings through get_settings() (Matt Carlson) - tg3: Remove 4G_DMA_BNDRY_BUG flag (Matt Carlson) - tg3: Remove 40BIT_DMA_LIMIT_BUG (Matt Carlson) - [SCSI] hpsa: use find_first_zero_bit (Akinobu Mita) - [SCSI] hpsa: combine hpsa_scsi_detect and hpsa_register_scsi (Stephen M. Cameron) - [SCSI] hpsa: removed unneeded structure member max_sg_entries and fix badly named constant MAXSGENTRIES (Stephen M. Cameron) - [SCSI] hpsa: fix per device memory leak on driver unload (Stephen M. Cameron) - [SCSI] hpsa: do not sleep in atomic context in rmmod path. (Stephen M. Cameron) - [SCSI] hpsa: fix flush cache transfer length (Stephen M. Cameron) - [SCSI] hpsa: set max sectors instead of taking the default (Stephen M. Cameron) - [SCSI] hpsa: detect controller lockup (Stephen M. Cameron) - [SCSI] hpsa: remove unused busy_initializing and busy_scanning (Stephen M. Cameron) - cciss: fix flush cache transfer length (Stephen M. Cameron) - cciss: auto engage SCSI mid layer at driver load time (Stephen M. Cameron) - The Windows driver .inf disables ASPM on all cciss devices. Do the same. (Matthew Garrett) - cciss: add transport mode attribute to sys (Joe Handzik) - cciss: Adds simple mode functionality (Joseph Handzik) - [SCSI] hpsa: update device attributes when they change (Scott Teel) - [SCSI] hpsa: improve naming on external target device functions (Scott Teel) - [SCSI] hpsa: eliminate 8 external target limitation (Scott Teel) - [SCSI] hpsa: fix potential array overflow in hpsa_update_scsi_devices (Scott Teel) - [SCSI] hpsa: rename HPSA_MAX_SCSI_DEVS_PER_HBA (Scott Teel) - [SCSI] hpsa: refactor hpsa_figure_bus_target_lun (Stephen M. Cameron) - [SCSI] hpsa: make target and lun match what SCSI REPORT LUNs returns (Stephen M. Cameron) - [SCSI] hpsa: Fix problem with MSA2xxx devices (Stephen M. Cameron) - [scsi] hpsa: Add IRQF_SHARED back in for the non-MSI(X) interrupt handler (Joe Jin) [2.6.39-200.13.0.el5uek] - drm/i915: fix integer overflow in i915_gem_do_execbuffer() (Xi Wang) [Orabug: 14107456] {CVE-2012-2384} - drm/i915: fix integer overflow in i915_gem_execbuffer2() (Xi Wang) [Orabug: 14107445] {CVE-2012-2383} [2.6.39-200.12.0.el5uek] - Revert 'x86, efi: Pass a minimal map to SetVirtualAddressMap()' (Maxim Uvarov) [Orabug: 14076004] - config: turn on CONFIG_HVC_XEN_FRONTEND (Maxim Uvarov) [Orabug: 14064174] - xen/hvc: Check HVM_PARAM_CONSOLE_[EVTCHN|PFN] for correctness. (Konrad Rzeszutek Wilk) - xen/hvc: Fix error cases around HVM_PARAM_CONSOLE_PFN (Konrad Rzeszutek Wilk) - xen/hvc: Collapse error logic. (Konrad Rzeszutek Wilk) [2.6.39-200.11.0.el5uek] - [dm] do not forward ioctls from logical volumes to the underlying device (Joe Jin) {CVE-2011-4127} - [block] fail SCSI passthrough ioctls on partition devices (Joe Jin) {CVE-2011-4127} - [block] add and use scsi_blk_cmd_ioctl (Joe Jin) [Orabug: 14056755] {CVE-2011-4127} [2.6.39-200.10.0.el5uek] - net: ipv4: relax AF_INET check in bind() (Eric Dumazet) [Orabug: 14054411] - xen-netback: fix the number of skb slots calculation. (Adnan Misherfi) - KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Avi Kivity) {CVE-2012-1601} - kabi update whitelist for OCFS (Maxim Uvarov) [Orabug: 14055758] [2.6.39-200.9.0.el5uek] - [SCSI] scsi_dh_rdac: Fix for unbalanced reference count (Moger, Babu) [Orabug: 14059970] - [SCSI] scsi_dh_rdac: Adding couple more vendor product ids (Moger, Babu) [Orabug: 14059970] - [SCSI] dh_rdac: Associate HBA and storage in rdac_controller to support partitions in storage (Chandra Seetharaman) [Orabug: 14059970] - [SCSI] dh_rdac: Use WWID from C8 page instead of Subsystem id from C4 page to identify storage (Chandra Seetharaman) [Orabug: 14059970] - kernel config: turn on sxge and sxgevf drivers (Maxim Uvarov) - sxge/sxgevf: add new driver (Maxim Uvarov) [Orabug: 13444150] - be2iscsi: adding functionality to change network settings using iscsiadm (root) - be2iscsi: Adding bsg interface for be2iscsi (root) - be2iscsi: Get Initiator Name for the iSCSI_Host (root) - be2iscsi: Return async handle of unknown opcode to free list. (root) - be2iscsi: Check ASYNC PDU Handle corresponds to HDR/DATA Handle (root) - be2iscsi:Bump the driver Version (root) - be2iscsi: Update in Copyright information (root) - be2iscsi:Fix the function return values. (root) - be2iscsi:Code cleanup, removing the goto statement (root) - be2iscsi:Fix double free of MCCQ info memory. (root) - be2iscsi:Set num_cpu = 1 if pci_enable_msix fails (root) - be2iscsi:Fix typo function name mismatch (root) - be2iscsi:Freeing of WRB and SGL Handle in cleanup task (root) - be2iscsi: WRB Initialization and Failure code path change (root) - be2iscsi: Fix in the Asynchronous Code Path (root) - be2iscsi: cleanup a min_t() call (root) - qlge: driver update to v1.0.0.30 (Maxim Uvarov) [Orabug: 14045380] - netxen: driver update to v4.0.78 (Maxim Uvarov) [Orabug: 14045367] - qlcnic: driver update to v5.0.28.1 (Maxim Uvarov) [Orabug: 14055720] [2.6.39-200.8.0.el5uek] - Revert 'xen-blkfront: set pages are FOREIGN_FRAME when sharing them' (Konrad Rzeszutek Wilk) [2.6.39-200.7.0.el5uek] - Revert 'x86/ioapic: Add register level checks to detect bogus io-apic entries' (Maxim Uvarov) - qla2xxx: Updated the driver version to 8.04.00.03.39.0-k. (Giridhar Malavali) - qla2xxx: Dont attach driver with function. (Giridhar Malavali) - qla2xxx: Proper detection of firmware abort error code for ISP82xx. (Giridhar Malavali) - qla2xxx: Fix typo in bus-reset handler. (Andrew Vasquez) - qla2xxx: Correct link-reset regressions introduced during 83xx porting. (Andrew Vasquez) - qla2xxx: Handle device mapping changes due to device logout. (Arun Easi) - qla2xxx: Avoid invalid request queue dereference for bad response packets. (Arun Easi) - qla2xxx: Stop iteration after first failure in *_id functions. (Arun Easi) - qla2xxx: Fix incorrect register access in qla2x00_start_iocbs(). (Arun Easi) - qla2xxx: Fix to update proper command completion upon command retries. (Andrew Vasquez) - qla2xxx: Hard code the number of loop entries at 128. (Chad Dupuis) - Revert 'qla2xxx: Return N-port id to firmware on logout.' (Giridhar Malavali) - qla2xxx: Reference proper scsi_qla_host structure for processing non-scsi SRB commands. (Giridhar Malavali) - qla2xxx: Fix wrong decrement, null sp access. (Arun Easi) - qla2xxx: Further consolidation of SRB related code changes. (Giridhar Malavali) - qla2xxx: Complete mailbox command timedout to avoid initialization failures during next reset cycle. (Giridhar Malavali) - qla2xxx: Add ha->max_fibre_devices to keep track of the maximum number of targets. (Chad Dupuis) - qla2xxx: Cache swl during fabric discovery. (Andrew Vasquez) - qla2xxx: Remove EDC sysfs interface. (Joe Carnuccio) - qla2xxx: Perform firmware dump procedure on mailbox command timeout. (Chad Dupuis) - qla2xxx: Change the log message when previous dump is available to retrieve for ISP82xx. (Giridhar Malavali) - qla2xxx: Log messages to use correct vha. (Arun Easi) - qla2xxx: Add new message when a new loopid is assigned. (Chad Dupuis) - qla2xxx: Fix ql_dbg arguments. (Arun Easi) - qla2xxx: Use ql_log* #defines in ql_log() and ql_log_pci(). (Chad Dupuis) - qla2xxx: Convert remaining printks to ql_log format. (Chad Dupuis) - qla2xxx: Print mailbox command opcode and return code when a command times out. (Chad Dupuis) - qla2xxx: Remove check for null fcport from host reset handler. (Michael Christie) - qla2xxx: Correct out of bounds read of ISP2200 mailbox registers. (Andrew Vasquez) - qla2xxx: Remove errant clearing of MBX_INTERRUPT flag during CT-IOCB processing. (Andrew Vasquez) - qla2xxx: Reduce mbx-command timeout for Login/Logout requests. (Andrew Vasquez) - qla2xxx: Clear options-flags while issuing stop-firmware mbx command. (Andrew Vasquez) - qla2xxx: Prep zero-length BSG data-transfer requests. (Andrew Vasquez) - qla2xxx: Perform implicit logout during rport tear-down. (Andrew Vasquez) - qla2xxx: Return N-port id to firmware on logout. (Joe Carnuccio) - qla2xxx: Handle failure cases during fabric_login (Chad Dupuis) - qla2xxx: Increase speed of flash access in ISP82xx adapters to improve firmware load speed. (Chad Dupuis) - qla2xxx: Handle change notifications based on switch scan results. (Arun Easi) - qla2xxx: Correct print format for edc ql_log() calls. (Joe Carnuccio) - qla2xxx: Use consistent DL mask for ELS/CT passthru requests. (Andrew Vasquez) - qla2xxx: Consolidation of SRB processing. (Giridhar Malavali) - qla2xxx: Use proper VPD/NVRAM regions with ISP8031 parts. (Andrew Vasquez) - qla2xxx: Remove ql2xfwloadbin assignment to 0. (Chad Dupuis) - qla2xxx: Call MPI reset for 81xx adapters only. (Andrew Vasquez) - qla2xxx: Driver need to do HotReset instead of FundamentalReset for ISP83XX (Andrew Vasquez) - qla2xxx: Use default semantic for firmware load. (Saurav Kashyap) - qla2xxx: Enhancements to support ISP83xx. (Giridhar Malavali) - qla2xxx: Enhanced the dump routines to capture multiple request and response queues. (Giridhar Malavali) - qla2xxx: Update the driver version to 8.03.07.13.39.0-k. (Saurav Kashyap) - qla2xxx: Fixed typos and misc issues. (Saurav Kashyap) - qla2xxx: Fix byte swapping in IPE print statement. (Chad Dupuis) - qla2xxx: Add an 'is reset active' helper. (Andrew Vasquez) - qla2xxx: Disable generating pause frames when firmware hang detected for ISP82xx. (Giridhar Malavali) - qla2xxx: Use a valid enode-mac if none defined. (Andrew Vasquez) - qla2xxx: Remove resetting memory during device initialization for ISP82xx. (Shyam Sundar) - qla2xxx: Propagate up abort failures. (Arun Easi) - qla2xxx: Add check for null fcport references in qla2xxx_queuecommand. (Chad Dupuis) - [mpt2sas] Bump driver vesion to 13.100.00.00 (Nagalakshmi Nandigama) [Orabug: 14040678] - [mpt2sas] fix NULL pointer at ioc->pfacts (Nagalakshmi Nandigama) [Orabug: 14040678] - [mpt2sas] A hard drive is going OFFLINE when there is a hard reset issued and simultaneously another hard drive is hot unplugged (Nagalakshmi Nandigama) [Orabug: 14040678] - [mpt2sas] Set the phy identifier of the end device to to the phy number of the parent device it is linked to (Nagalakshmi Nandigama) [Orabug: 14040678] - [mpt2sas] While enabling phy, read the current port number from sas iounit page 0 instead of page 1 (Nagalakshmi Nandigama) [Orabug: 14040678] - [mpt2sas] Fix several endian issues found by runing sparse (Nagalakshmi Nandigama) [Orabug: 14040678] - [mpt2sas] Modify the source code as per the findings reported by the source code analysis tool (Nagalakshmi Nandigama) [Orabug: 14040678] - [mpt2sas] Improvement were made to better protect the sas_device, raid_device, and expander_device lists (Nagalakshmi Nandigama) - [mpt2sas] Perform Target Reset instead of HBA reset when a SATA_PASSTHROUGH cmd timeout happens (Nagalakshmi Nandigama) [Orabug: 14040678] - [mpt2sas] Added multisegment mode support for Linux BSG Driver (Nagalakshmi Nandigama) [Orabug: 14040678] - [mpt2sas] remove the global mutex (Nagalakshmi Nandigama) [Orabug: 14040678] - [mpt2sas] MPI next revision header update (Nagalakshmi Nandigama) [Orabug: 14040678] - Update lpfc version for 8.3.5.68.4p driver release (Vaios Papadimitriou) - Fix bug with mailbox handling of REG_VFI and cable pull (CR 127762) (Vaios Papadimitriou) - Use PCI configure space read to flush PCI function reset register write to avoid MMIO issues (CR 128101) (Vaios Papadimitriou) - Fixed system panic when extents enabled with large number of small blocks (CR 128010) (Vaios Papadimitriou) - Fixed the system panic during EEH recovery (CR 127062) (Vaios Papadimitriou) - Fix resource leak when acc fails for received plogi (CR 127847) (Vaios Papadimitriou) - Fixed SLI4 driver module load and unload test in a loop crashes the system (CR 126397) (Vaios Papadimitriou) - Fixed missing CVL event causing round-robin FCF failover process to stop (CR 123367) (Vaios Papadimitriou) - Fix deadlock during adapter offline request (CR 127217) (Vaios Papadimitriou) - Fix same RPI registered multiple times after HBA reset (CR 127176) (Vaios Papadimitriou) - Fix driver handling of XRI Aborted CQE response (CR 127345) (Vaios Papadimitriou) - Fixed port and system failure in handling SLI4 FC port function reset (CR 126551) (Vaios Papadimitriou) - Fix bug with driver not sending a LOGO with vport delete (CR 126625) (Vaios Papadimitriou) - Fix for SLI4 Port delivery for BLS ABORT ACC (CR 126289) (Vaios Papadimitriou) - Fix ndlp nodelist not empty wait timeout during driver unloading (CR 127052) (Vaios Papadimitriou) - Fix mailbox and vpi memory leaks (CR 126818) (Vaios Papadimitriou) - Fix management communication issues by creating character device to take a reference on the driver (CR 126082) (Vaios Papadimitriou) - Fix for FDISC failures after firmware reset or link bounce (CR 126779) (Vaios Papadimitriou) - Fix for driver using duplicate RPIs after LPe16000 port reset (CR 126723) (Vaios Papadimitriou) - Fix discovery problem when in pt2pt (CR 126887) (Vaios Papadimitriou) - Fixed failure in handling large CQ/EQ identifiers in an IOV environment (CR 126856) (Vaios Papadimitriou) - Fix Locking code raising IRQ twice (Vaios Papadimitriou) - Fix driver not returning when bad ndlp found in abts error event handling (CR 126209) (Vaios Papadimitriou) - Fix bug with driver returning the wrong ndlp (CR 125743) (Vaios Papadimitriou) - Fix driver behavior when receiving an ADISC (CR 126654) (Vaios Papadimitriou) - Fix bug with driver processing dump command type 4 using 16Gb FC Adapter (CR 126406) (Vaios Papadimitriou) - Fix driver does not reset port when reset is needed during fw_dump (CR 125807) (Vaios Papadimitriou) - Fix ELS FDISC failing with local reject / invalid RPI (CR 126350) (Vaios Papadimitriou) - Fix SLI4 FC port internal loopback (CR 126409) (Vaios Papadimitriou) - Fix REG_RPI fails on SLI4 HBA putting NPort into NPR state (CR 126230) (Vaios Papadimitriou) - Fix bug with driver processing an els command using 16Gb FC Adapter (CR 126345) (Vaios Papadimitriou) - Fix NMI seen due to CQE starvation (CR 126149) (Vaios Papadimitriou) - Fixed SLI4 FC port obtained link type and number dependent on link connection (CR 126264) (Vaios Papadimitriou) - Fixed SLI4 FC port internal loopback without SFP and external link/loopback plug (CR 125843) (Vaios Papadimitriou) - Fix driver incorrectly building fcpCdb during scsi command prep (CR 126209) (Vaios Papadimitriou) - be2net: make be_vlan_add_vid() void (Maxim Uvarov) - be2net: Record receive queue index in skb to aid RPS. (Somnath Kotur) - be2net: Fix FW download for BE (Padmanabh Ratnakar) - be2net: Fix traffic stall INTx mode (Padmanabh Ratnakar) - be2net: fix ethtool get settings (Ajit Khaparde) - be2net: fix programming of VLAN tags for VF (Ajit Khaparde) - be2net: reset queue address after freeing (Sathya Perla) - be2net: fix tx completion cleanup (Sathya Perla) - be2net: refactor/cleanup vf configuration code (Maxim Uvarov) - be2net: event queue re-design (Maxim Uvarov) - be2net: update the driver version (Sarveshwar Bandi) - be2net: Fix EEH error reset before a flash dump completes (Somnath Kotur) - be2net: Ignore status of some ioctls during driver load (Ajit Khaparde) - be2net: Fix wrong status getting returned for MCC commands (Padmanabh Ratnakar) - be2net: Fix Lancer statistics (Padmanabh Ratnakar) - be2net: Fix ethtool self test for Lancer (Padmanabh Ratnakar) - be2net: Fix FW download in Lancer (Padmanabh Ratnakar) - be2net: Fix VLAN/multicast packet reception (Padmanabh Ratnakar) - be2net: Fix number of vlan slots in flex mode (Ajit Khaparde) - be2net: enable WOL by default if h/w supports it (Ajit Khaparde) - be2net: Remove unused OFFSET_IN_PAGE() macro (Roland Dreier) - be2net: enable RSS for ipv6 pkts (Sathya Perla) - be2net: Use new implementation of get mac list command (Padmanabh Ratnakar) - be2net: Fix link status query command (Padmanabh Ratnakar) - ethtool: Null-terminate filename passed to ethtool_ops::flash_device (Ben Hutchings) - be2net: add descriptions for stat counters reported via ethtool (Sathya Perla) - be2net: allocate more headroom in incoming skbs (Eric Dumazet) - netdev: make net_device_ops const (stephen hemminger) - be2net: fix be_vlan_add/rem_vid (Ajit Khaparde) - be2net: Fix INTx processing for Lancer (Padmanabh Ratnakar) - be2net: Add support for Skyhawk cards (Ajit Khaparde) - be2net: fix ethtool ringparam reporting (Sathya Perla) - be2net: workaround to fix a bug in BE (Ajit Khaparde) - be2net: update some counters to display via ethtool (Ajit Khaparde) - net: make vlan ndo_vlan_rx_[add/kill]_vid return error value (Jiri Pirko) - be2net: netpoll support (Ivan Vecera) - xen/pci: dont use PCI BIOS service for configuration space accesses (David Vrabel) - xen/Kconfig: fix Kconfig layout (Andrew Morton) - xen/pte: Fix crashes when trying to see non-existent PGD/PMD/PUD/PTEs (Konrad Rzeszutek Wilk) - xen/apic: Return the APIC ID (and version) for CPU 0. (Konrad Rzeszutek Wilk) - drivers/video/xen-fbfront.c: add missing cleanup code (Julia Lawall) - xen/x86: Workaround 'x86/ioapic: Add register level checks to detect bogus io-apic entries' (Konrad Rzeszutek Wilk) - xen/acpi: Workaround broken BIOSes exporting non-existing C-states. (Konrad Rzeszutek Wilk) - xen/enlighten: Disable MWAIT_LEAF so that acpi-pad wont be loaded. (Konrad Rzeszutek Wilk) - drivers/video/xen-fbfront.c: add missing cleanup code (Julia Lawall) - xen: correctly check for pending events when restoring irq flags (David Vrabel) - xen/smp: Fix crash when booting with ACPI hotplug CPUs. (Konrad Rzeszutek Wilk) - xen: use the pirq number to check the pirq_eoi_map (Stefano Stabellini) [2.6.39-200.6.0.el5uek] - [USB] cdc-acm: Increase number of devices to 64 (Joe Jin) [Orabug: 13693812] - git-changelog: generate date entry (Maxim Uvarov) - [scsi] hpsa: Remove some PCI IDs if for OL5. (Joe Jin) - [block] cciss: fix incorrect PCI IDs and add two new ones (Joe Jin) - [scsi] hpsa: add some older controllers to the kdump blacklist (Joe Jin) - [block] cciss: Add IRQF_SHARED back in for the non-MSI(X) interrupt handler (Joe Jin) - [block] cciss: add some older controllers to the kdump blacklist (Joe Jin) [2.6.39-200.5.0.el5uek] - be2net: query link status in be_open() (Sarveshwar Bandi) [Orabug: 13231] [2.6.39-200.4.0.el5uek] - Revert 'xen/p2m: m2p_find_override: use list_for_each_entry_safe' (Konrad Rzeszutek Wilk) - xen/blkback: Fix warning error. (Konrad Rzeszutek Wilk) - xen/blkback: Make optional features be really optional. (Konrad Rzeszutek Wilk) - xen-blkfront: module exit handling adjustments (Jan Beulich) - xen-blkfront: properly name all devices (Jan Beulich) - xen-blkfront: set pages are FOREIGN_FRAME when sharing them (Stefano Stabellini) - xen: EXPORT_SYMBOL set_phys_to_machine (Stefano Stabellini) - xen-blkfront: make blkif_io_lock spinlock per-device (Steven Noonan) - xen/blkfront: dont put bdev right after getting it (Andrew Jones) - xen-blkfront: use bitmap_set() and bitmap_clear() (Akinobu Mita) - xen/blkback: Enable blkback on HVM guests (Daniel De Graaf) - xen/blkback: use grant-table.c hypercall wrappers (Daniel De Graaf) - xen/p2m: m2p_find_override: use list_for_each_entry_safe (Stefano Stabellini) - xen/gntdev: do not set VM_PFNMAP (Stefano Stabellini) - xen/grant-table: add error-handling code on failure of gnttab_resume (Julia Lawall) - xen: only check xen_platform_pci_unplug if hvm (Igor Mammedov) - xen: initialize platform-pci even if xen_emul_unplug=never (Igor Mammedov) - xen kconfig: relax INPUT_XEN_KBDDEV_FRONTEND deps (Andrew Jones) - xen: support pirq_eoi_map (Stefano Stabellini) - xen/smp: Remove unnecessary call to smp_processor_id() (Srivatsa S. Bhat) - xen/smp: Fix bringup bug in AP code. (Konrad Rzeszutek Wilk) - xen/tmem: cleanup (Jan Beulich) - xen: constify all instances of 'struct attribute_group' (Jan Beulich) - xen/xenbus: ignore console/0 (Stefano Stabellini) - hvc_xen: introduce HVC_XEN_FRONTEND (Stefano Stabellini) - hvc_xen: implement multiconsole support (Stefano Stabellini) - hvc_xen: support PV on HVM consoles (Stefano Stabellini) - xen: use this_cpu_xxx replace percpu_xxx funcs (Alex Shi) - xenbus: dont free other end details too early (Jan Beulich) - xen/resume: Fix compile warnings. (Konrad Rzeszutek Wilk) - xen/xenbus: Add quirk to deal with misconfigured backends. (Konrad Rzeszutek Wilk) - xenbus: address compiler warnings (Jan Beulich) - xen/pcifront: avoid pci_frontend_enable_msix() falsely returning success (Jan Beulich) - xen/pciback: fix XEN_PCI_OP_enable_msix result (Jan Beulich) - xen/pciback: Support pci_reset_function, aka FLR or D3 support. (Konrad Rzeszutek Wilk) - PCI: Introduce __pci_reset_function_locked to be used when holding device_lock. (Konrad Rzeszutek Wilk) - xen/acpi: Fix Kconfig dependency on CPU_FREQ (Konrad Rzeszutek Wilk) - xen/acpi-processor: Do not depend on CPU frequency scaling drivers. (Konrad Rzeszutek Wilk) - xen/cpufreq: Disable the cpu frequency scaling drivers from loading. (Konrad Rzeszutek Wilk) - provide disable_cpufreq() function to disable the API. (Konrad Rzeszutek Wilk) - xen-netback: make ops structs const (stephen hemminger) - netback: fix typo in comment (Wei Liu) - netback: remove redundant assignment (Wei Liu) - netback: Fix alert message. (Wei Liu) - xen-netback: use correct index for invalidation in xen_netbk_tx_check_gop() (Jan Beulich) - net: xen-netback: correctly restart Tx after a VM restore/migrate (David Vrabel) - xen/netback: Add module alias for autoloading (Bastian Blank) [2.6.39-200.3.0.el5uek] - loop: loop_thread needs to set the PF_LESS_THROTTLE flag (Dave Kleikamp) - iov_iter: missing assignment of ii_bvec_ops.ii_shorten (Dave Kleikamp) [2.6.39-200.2.0.el5uek] - regset: Return -EFAULT, not -EIO, on host-side memory fault (H. Peter Anvin) {CVE-2012-1097} - regset: Prevent null pointer reference on readonly regsets (H. Peter Anvin) {CVE-2012-1097} - cifs: fix dentry refcount leak when opening a FIFO on lookup (Jeff Layton) {CVE-2012-1090} - git-changelog: add brackets around cve (Maxim Uvarov) - git-changelog: parse Oracle bug (Maxim Uvarov) - NFSv4: Save the owner/group name string when doing open (Trond Myklebust) [Oracle bug: 13842440 (from 13459986)] - ext4: flush any pending end_io requests before DIO reads w/dioread_nolock (Jiaying Zhang) - NFSv4: Return the delegation if the server returns NFS4ERR_OPENMODE (Trond Myklebust) - NFS: Properly handle the case where the delegation is revoked (Trond Myklebust) - nfsd: dont allow zero length strings in cache_parse() (Dan Carpenter) - x86, tls: Off by one limit check (Dan Carpenter) - x86, tsc: Skip refined tsc calibration on systems with reliable TSC (Alok Kataria) - lockd: fix arg parsing for grace_period and timeout. (NeilBrown) - xfrm: Access the replay notify functions via the registered callbacks (Steffen Klassert) - Remove printk from rds_sendmsg (Dave Jones) - net: fix napi_reuse_skb() skb reserve (Eric Dumazet) - net: fix a potential rcu_read_lock() imbalance in rt6_fill_node() (Eric Dumazet) - Fix pppol2tp getsockname() (Benjamin LaHaise) - slub: Do not hold slub_lock when calling sysfs_slab_add() (Christoph Lameter) - xfs: Fix oops on IO error during xlog_recover_process_iunlinks() (Jan Kara) - dm exception store: fix init error path (Andrei Warkentin) - dm crypt: add missing error handling (Mikulas Patocka) - dm crypt: fix mempool deadlock (Mikulas Patocka) - vfs: fix d_ancestor() case in d_materialize_unique (Michel Lespinasse) - udf: Fix deadlock in udf_release_file() (Jan Kara) - ext4: check for zero length extent (Theodore Tso) - ext4: ignore EXT4_INODE_JOURNAL_DATA flag with delalloc (Lukas Czerner) - jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) - e1000e: Avoid wrong check on TX hang (Jeff Kirsher) - hwmon: (fam15h_power) Correct sign extension of running_avg_capture (Andreas Herrmann) - proc-ns: use d_set_d_op() API to set dentry ops in proc_ns_instantiate(). (Pravin B Shelar) - x86-32: Fix endless loop when processing signals for kernel tasks (Dmitry Adamushko) - usbnet: dont clear urb->dev in tx_complete (tom.leiming) - SUNRPC: We must not use list_for_each_entry_safe() in rpc_wake_up() (Trond Myklebust) - cifs: fix issue mounting of DFS ROOT when redirecting from one domain controller to the next (Jeff Layton) - xfs: fix inode lookup race (Dave Chinner) - firewire: ohci: fix too-early completion of IR multichannel buffers (Clemens Ladisch) - pata_legacy: correctly mask recovery field for HT6560B (Sergei Shtylyov) - target: Fix 16-bit target ports for SET TARGET PORT GROUPS emulation (Roland Dreier) - target: Dont set WBUS16 or SYNC bits in INQUIRY response (Roland Dreier) - md/raid1,raid10: avoid deadlock during resync/recovery. (NeilBrown) - md/bitmap: ensure to load bitmap when creating via sysfs. (NeilBrown) - tcm_fc: Fix fc_exch memory leak in ft_send_resp_status (Nicholas Bellinger) - hugetlbfs: avoid taking i_mutex from hugetlbfs_read() (Aneesh Kumar K.V) - bootmem/sparsemem: remove limit constraint in alloc_bootmem_section (Nishanth Aravamudan) - mm: thp: fix pmd_bad() triggering in code paths holding mmap_sem read mode (Andrea Arcangeli) {CVE-2012-1179} - x86/ioapic: Add register level checks to detect bogus io-apic entries (Suresh Siddha) - rtc: Disable the alarm in the hardware (v2) (Rabin Vincent) - genirq: Fix incorrect check for forced IRQ thread handler (Alexander Gordeev) - genirq: Fix long-term regression in genirq irq_set_irq_type() handling (Russell King) - uevent: send events in correct order according to seqnum (v3) (Andrew Vagin) - ntp: Fix integer overflow when setting time (Sasha Levin) - math: Introduce div64_long (Sasha Levin) - sysfs: Fix memory leak in sysfs_sd_setsecdata(). (Masami Ichikawa) - futex: Cover all PI opcodes with cmpxchg enabled check (Thomas Gleixner) - usb: musb: Reselect index reg in interrupt context (Supriya Karanth) - USB: ftdi_sio: fix problem when the manufacture is a NULL string (Greg Kroah- Hartman) [2.6.39-200.0.15.el5uek] - directio: account for extra page IOs for unaligned request (Dave Kleikamp) [Orabug: 13916031] [2.6.39-200.0.14.el5uek] - update kabi (Maxim Uvarov) - adjust kernel configs (Maxim Uvarov) - usb: fix number of mapped SG DMA entries (Clemens Ladisch) - svcrpc: destroy server sockets all at once (J. Bruce Fields) - PCI: Rework ASPM disable code (Matthew Garrett) - net: fix NULL dereferences in check_peer_redir() (Eric Dumazet) - lib: proportion: lower PROP_MAX_SHIFT to 32 on 64-bit kernel (Wu Fengguang) - writeback: fix dereferencing NULL bdi->dev on trace_writeback_queue (Wu Fengguang) - net: Make qdisc_skb_cb upper size bound explicit. (David S. Miller) - ipv4: Save nexthop address of LSRR/SSRR option to IPCB. (Maxim Uvarov) - compat: use sys_sendfile64() implementation for sendfile syscall (Chris Metcalf) - ext4: implement ext4_file_write_iter (Dave Kleikamp) [2.6.39-200.0.13.el5uek] - fix git merge: vlan: allow nested vlan_do_receive() (Maxim Uvarov) - SPEC: update and turn on kabi (Maxim Uvarov) [2.6.39-200.0.12.el5uek] - remove unused mutex hpidebuglock (Maxim Uvarov) - add hxge-1.3.3 driver (Maxim Uvarov) [2.6.39-200.0.11.el5uek] - vlan: allow nested vlan_do_receive() (Maxim Uvarov) - net: allow vlan traffic to be received under bond (John Fastabend) - net: vlan: goto another_round instead of calling __netif_receive_skb (Jiri Pirko) [2.6.39-200.0.10.el5uek] - ocfs2/cluster: Fix output in file elapsed_time_in_ms (Sunil Mushran) [2.6.39-200.0.9.el5uek] - Revert 'loop: increase default number of loop devices to 512' (Maxim Uvarov) - Revert 'loop: set default number of loop devices to 200' (Maxim Uvarov) - ocfs2/dlm: dlmlock_remote() needs to account for remastery (Sunil Mushran) - ocfs2/dlm: Take inflight reference count for remotely mastered resources too (Maxim Uvarov) - ocfs2/dlm: Clean up refmap helpers (Maxim Uvarov) - ocfs2/dlm: Cleanup dlm_wait_for_node_death() and dlm_wait_for_node_recovery() (Sunil Mushran) - ocfs2/dlm: Cleanup up dlm_finish_local_lockres_recovery() (Sunil Mushran) - ocfs2/dlm: Trace insert/remove of resource to/from hash (Sunil Mushran) - ocfs2/dlm: Clean up messages in o2dlm (Sunil Mushran) - ocfs2/cluster: Cluster up now includes network connections too (Sunil Mushran) - ocfs2/cluster: Clean up messages in o2net (Sunil Mushran) - ocfs2/cluster: Abort heartbeat start on hard-ro devices (Sunil Mushran) [2.6.39-200.0.8.el5uek] - loop: set default number of loop devices to 200 (Maxim Uvarov) - SPEC OL5: fix xen support (Maxim Uvarov) [2.6.39-200.0.6.el5uek] - ocfs2: Rollback commit ea455f8ab68338ba69f5d3362b342c115bea8e13 (Sunil Mushran) [orabug: 13555276] - ocfs2: Rollback commit f7b1aa69be138ad9d7d3f31fa56f4c9407f56b6a (Sunil Mushran) [orabug: 13555276] - ocfs2: Rollback commit 5fd131893793567c361ae64cbeb28a2a753bbe35 (Sunil Mushran) [orabug: 13555276] - ocfs2/cluster: Fix o2net_fill_node_map() (Sunil Mushran) - ocfs2/cluster: Add new function o2net_fill_node_map() (Sunil Mushran) - ocfs2: Tighten free bit calculation in the global bitmap (Sunil Mushran) - ocfs2/trivial: Limit unaligned aio+dio write messages to once per day (Sunil Mushran) - btrfs: btrfs_direct_IO_bvec() needs to check for sector alignment (Dave Kleikamp) - loop: increase default number of loop devices to 512 (Dave Kleikamp) - xen/merge error: Re-introduce xen-platform-pci driver. (Konrad Rzeszutek Wilk) - x86/PCI: reduce severity of host bridge window conflict warnings (Bjorn Helgaas) - xen/acpi: Remove the WARNs as they just create noise. (Konrad Rzeszutek Wilk) [2.6.39-200.0.5.el5uek] - btrfs: create btrfs_file_write_iter() (Dave Kleikamp) [2.6.39-200.0.4.el5uek] - ocfs2/trivial: Print message indicating unaligned aio+dio write (Sunil Mushran) - ocfs2: Avoid livelock in ocfs2_readpage() (Jan Kara) - ocfs2: serialize unaligned aio (Mark Fasheh) - ocfs2: null deref on allocation error (Dan Carpenter) - ocfs2: Bugfix for hard readonly mount (Tiger Yang) [2.6.39-200.0.3.el5uek] - xen/blkback: Disable DISCARD support for loopback device (but leave for phy). (Konrad Rzeszutek Wilk) - block: fix patch import error in max_discard_sectors check (Jens Axboe) - block: eliminate potential for infinite loop in blkdev_issue_discard (Mike Snitzer) - config: Use the xen-acpi-processor instead of the cpufreq-xen driver. (Konrad Rzeszutek Wilk) - xen/acpi-processor: C and P-state driver that uploads said data to hypervisor. (Konrad Rzeszutek Wilk) - Revert 'Merge branch 'stable/cpufreq-xen.v6.rebased' into uek2-merge' (Konrad Rzeszutek Wilk) [2.6.39-200.0.2.el5uek] - xen: make page table walk hugepages aware (Dave McCracken) [Orabug: 13719997] - x86/PCI: Preserve existing pci=bfsort whitelist for Dell systems (Narendra_K) [2.6.39-200.0.1.el5uek] - disable kabicheck for uek2 update 1 beta - nfs: only dirty user pages in direct read code (Dave Kleikamp) - config: Enable Xens PV USB, SCSI, MCE and Xen CPU freq driver (Konrad Rzeszutek Wilk) - [CPUFREQ] xen: governor for Xen hypervisor frequency scaling. (Konrad Rzeszutek Wilk) - xen/enlighten: Expose MWAIT and MWAIT_LEAF if hypervisor OKs it. (Konrad Rzeszutek Wilk) - Revert 'Merge branch 'stable/processor-passthru.v5.rebased' into uek2-merge' (Konrad Rzeszutek Wilk) - xen/processor-passthru: threads arent suppose to leave on their own. (Konrad Rzeszutek Wilk) - config: Enable Xens PV USB, SCSI, MCE and Processor-Passthru (Konrad Rzeszutek Wilk) - Xen: Export host physical CPU information to dom0 (Liu Jinsong) - xen/mce: Change the machine check point (Liu Jinsong) - Add mcelog support from xen platform (Liu Jinsong) - usb: xen pvusb driver (Nathanael Rensen) - xen/processor-passthru: Provide an driver that passes struct acpi_processor data to the hypervisor. (Konrad Rzeszutek Wilk) - xen/enlighten: Expose MWAIT and MWAIT_LEAF if hypervisor OKs it. (Konrad Rzeszutek Wilk) - xen/setup/pm/acpi: Remove the call to boot_option_idle_override. (Konrad Rzeszutek Wilk) - xen/acpi: Domain0 acpi parser related platform hypercall (Yu Ke) - xen/pm_idle: Make pm_idle be default_idle under Xen. (Konrad Rzeszutek Wilk) - cpuidle: stop depending on pm_idle (Len Brown) - cpuidle: replace xen access to x86 pm_idle and default_idle (Len Brown) - cpuidle: create bootparam 'cpuidle.off=1' (Len Brown) - Revert 'Merge branch 'stable/acpi-cpufreq.v3.rebased' into uek2-merge' (Konrad Rzeszutek Wilk) - x86/microcode: check proper return code. (Ben Guthro) - xen: add CPU microcode update driver (Jeremy Fitzhardinge) - xen: add dom0_op hypercall (Jeremy Fitzhardinge) - xen/acpi: Domain0 acpi parser related platform hypercall (Yu Ke) - nfs: add support for read_iter, write_iter (Dave Kleikamp) - xenbus_dev: add missing error check to watch handling (Jan Beulich) - xen/pci[front|back]: Use %d instead of %1x for displaying PCI devfn. (Konrad Rzeszutek Wilk) - xen pvhvm: do not remap pirqs onto evtchns if !xen_have_vector_callback (Stefano Stabellini) - xen/smp: Fix CPU online/offline bug triggering a BUG: scheduling while atomic. (Konrad Rzeszutek Wilk) - xen/bootup: During bootup suppress XENBUS: Unable to read cpu state (Konrad Rzeszutek Wilk) - Merge conflict resolved. Somehow the letter 's' slipped in the Makefile. This fixes the compile issues. (Konrad Rzeszutek Wilk) - xen/events: BUG() when we cant allocate our event->irq array. (Konrad Rzeszutek Wilk) - xen/granttable: Disable grant v2 for HVM domains. (Konrad Rzeszutek Wilk) - xen-blkfront: Use kcalloc instead of kzalloc to allocate array (Thomas Meyer) - xen/pciback: Expand the warning message to include domain id. (Konrad Rzeszutek Wilk) - xen/pciback: Fix 'device has been assigned to X domain!' warning (Konrad Rzeszutek Wilk) - xen/xenbus: dont reimplement kvasprintf via a fixed size buffer (Ian Campbell) - xenbus: maximum buffer size is XENSTORE_PAYLOAD_MAX (Ian Campbell) - xen/xenbus: Reject replies with payload > XENSTORE_PAYLOAD_MAX. (Ian Campbell) - Xen: consolidate and simplify struct xenbus_driver instantiation (Jan Beulich) - xen-gntalloc: introduce missing kfree (Julia Lawall) - xen/xenbus: Fix compile error - missing header for xen_initial_domain() (Konrad Rzeszutek Wilk) - xen/netback: Enable netback on HVM guests (Daniel De Graaf) - xen/grant-table: Support mappings required by blkback (Daniel De Graaf) - xenbus: Use grant-table wrapper functions (Daniel De Graaf) - xenbus: Support HVM backends (Daniel De Graaf) - xen/xenbus-frontend: Fix compile error with randconfig (Konrad Rzeszutek Wilk) - xen/xenbus-frontend: Make error message more clear (Bastian Blank) - xen/privcmd: Remove unused support for arch specific privcmp mmap (Bastian Blank) - xen: Add xenbus_backend device (Bastian Blank) - xen: Add xenbus device driver (Bastian Blank) - xen: Add privcmd device driver (Bastian Blank) - xen/gntalloc: fix reference counts on multi-page mappings (Daniel De Graaf) - xen/gntalloc: release grant references on page free (Daniel De Graaf) - xen/events: prevent calling evtchn_get on invalid channels (Daniel De Graaf) - xen/granttable: Support transitive grants (Annie Li) - xen/granttable: Support sub-page grants (Annie Li) - xen/granttable: Improve comments for function pointers (Annie Li) - xen/ia64: fix build breakage because of conflicting u64 guest handles (Tony Luck) - xen/granttable: Keep code format clean (Annie Li) - xen/granttable: Grant tables V2 implementation (Annie Li) - xen/granttable: Refactor some code (Annie Li) - xen/granttable: Introducing grant table V2 stucture (Annie Li) - Xen: update MAINTAINER info (Jeremy Fitzhardinge) - xen/event: Add reference counting to event channels (Daniel De Graaf) - xen/gnt{dev,alloc}: reserve event channels for notify (Daniel De Graaf) - xen/gntalloc: Change gref_lock to a mutex (Daniel De Graaf) - xen: document backend sysfs files (David Vrabel) - xen: document balloon driver sysfs files (David Vrabel) - btrfs: add support for read_iter, write_iter, and direct_IO_bvec (Dave Kleikamp) - ext4: add support for read_iter, write_iter, and direct_IO_bvec (Dave Kleikamp) - ocfs2: add support for read_iter, write_iter, and direct_IO_bvec (Dave Kleikamp) - ext3: add support for .read_iter and .write_iter (Dave Kleikamp) - bio: add bvec_length(), like iov_length() (Dave Kleikamp) - aio: add aio support for iov_iter arguments (Zach Brown) - aio: add aio_kernel_() interface (Dave Kleikamp) - fs: pull iov_iter use higher up the stack (Dave Kleikamp) - dio: add __blockdev_direct_IO_bdev() (Dave Kleikamp) - dio: add dio_post_submission() helper function (Dave Kleikamp) - dio: add dio_lock_and_flush() helper (Dave Kleikamp) - dio: add sdio_init() helper function (Dave Kleikamp) - dio: add dio_alloc_init() helper function (Dave Kleikamp) - dio: create a dio_aligned() helper function (Zach Brown) - iov_iter: let callers extract iovecs and bio_vecs (Zach Brown) - iov_iter: add a shorten call (Zach Brown) - iov_iter: add bvec support (Zach Brown) - iov_iter: hide iovec details behind ops function pointers (Zach Brown) - fuse: convert fuse to use iov_iter_copy_[to|from]_user (Dave Kleikamp) - iov_iter: add copy_to_user support (Zach Brown) - iov_iter: move into its own file (Zach Brown) - xen/scsi[front|back]: consolidate and simplify struct xenbus_driver instantiation (Konrad Rzeszutek Wilk) - xen/scsiback: allow RESERVE/RELEASE commands (James Harper) - xen/scsiback: vscsi >2TB patch (Samuel Kvasnica) - xen-scsi[front|back]: Fix warnings and bugs. (Konrad Rzeszutek Wilk) - xen/scsi[front|back]: Forgot .owner attribute. (Konrad Rzeszutek Wilk) - xen/scsi[front|back]: Initial commit from Novell SLES11SP1 2.6.32 tree. (Konrad Rzeszutek Wilk) - xen/pci:use hypercall PHYSDEVOP_restore_msi_ext to restore MSI/MSI-X vectors (Liang Tang) - xen/acpi/sleep: Register to the acpi_suspend_lowlevel a callback. (Konrad Rzeszutek Wilk) - xen/acpi/sleep: Enable ACPI sleep via the __acpi_override_sleep (Konrad Rzeszutek Wilk) - xen/acpi: Domain0 acpi parser related platform hypercall (Yu Ke) - xen: Utilize the restore_msi_irqs hook. (Konrad Rzeszutek Wilk) - x86/acpi/sleep: Provide registration for acpi_suspend_lowlevel. (Liang Tang) - x86, acpi, tboot: Have a ACPI sleep override instead of calling tboot_sleep. (Konrad Rzeszutek Wilk) - x86: Expand the x86_msi_ops to have a restore MSIs. (Konrad Rzeszutek Wilk) IMPORTANT Copyright 2012 Oracle, Inc. Oracle Linux 5 Oracle Linux 6 [2.6.39-200.29.2] - epoll: clear the tfile_check_list on -ELOOP (Joe Jin) {CVE-2012-3375} - Don't limit non-nested epoll paths (Jason Baron) - epoll: kabi fixups for epoll limit wakeup paths (Joe Jin) {CVE-2011-1083} - epoll: limit paths (Jason Baron) {CVE-2011-1083} - cred: copy_process() should clear child->replacement_session_keyring (Oleg Nesterov) {CVE-2012-2745} IMPORTANT Copyright 2012 Oracle, Inc. Oracle Linux 5 Oracle Linux 6 [2.6.32-300.29.2] - epoll: epoll_wait() should not use timespec_add_ns() (Eric Dumazet) - epoll: clear the tfile_check_list on -ELOOP (Joe Jin) {CVE-2012-3375} - Don't limit non-nested epoll paths (Jason Baron) - epoll: kabi fixups for epoll limit wakeup paths (Joe Jin) {CVE-2011-1083} - epoll: limit paths (Jason Baron) {CVE-2011-1083} - eventpoll: fix comment typo 'evenpoll' (Paul Bolle) - epoll: fix compiler warning and optimize the non-blocking path (Shawn Bohrer) - epoll: move ready event check into proper inline (Davide Libenzi) - epoll: make epoll_wait() use the hrtimer range feature (Shawn Bohrer) - select: rename estimate_accuracy() to select_estimate_accuracy() (Andrew Morton) - cred: copy_process() should clear child->replacement_session_keyring (Oleg Nesterov) {CVE-2012-2745} IMPORTANT Copyright 2012 Oracle, Inc. CVE-2011-1083 CVE-2012-2745 CVE-2012-3375 Oracle Linux 5 Oracle Linux 6 [2.6.39-200.32.1] - dl2k: Clean up rio_ioctl (Stephan Mueller) [Orabug: 14680245] {CVE-2012-2313} - hugetlb: fix resv_map leak in error path (Christoph Lameter) [Orabug: 14680284] {CVE-2012-2390} - rds: set correct msg_namelen (Jay Fenlason) [Orabug: 14680018] {CVE-2012-3430} MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2313 CVE-2012-2390 CVE-2012-3430 Oracle Linux 5 Oracle Linux 6 [2.6.32-300.32.3] - dl2k: Clean up rio_ioctl (Stephan Mueller) [Orabug: 14675306] {CVE-2012-2313} - hugetlb: fix resv_map leak in error path (Christoph Lameter) [Orabug: 14676403] {CVE-2012-2390} - rds: set correct msg_namelen (Jay Fenlason) [Orabug: 14676504] {CVE-2012-3430} MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2313 CVE-2012-2390 CVE-2012-3430 Oracle Linux 5 Oracle Linux 6 [2.6.32-300.37.1.] - sfc: Replace some literal constants with EFX_PAGE_SIZE/EFX_BUF_SIZE (Ben Hutchings) [Orabug: 14769994] - CVE-2012-3412 sfc: Fix maximum number of TSO segments and minimum TX queue size (Ben Hutchings) [Orabug: 14769994] {CVE-2012-3412} [2.6.32-300.36.1.] - dl2k: Clean up rio_ioctl (Stephan Mueller) [Orabug: 14675306] {CVE-2012-2313} - hugetlb: fix resv_map leak in error path (Christoph Lameter) [Orabug: 14676403] {CVE-2012-2390} - rds: set correct msg_namelen (Jay Fenlason) [Orabug: 14676504] {CVE-2012-3430} [2.6.32-300.35.1.] - oracleasm: Bring driver in sync with UEK2 (Martin K. Petersen) - Fix system hang due to bad protection module parameters (CR 130769) (Martin K. Petersen) - sd: Avoid remapping bad reference tags (Martin K. Petersen) - block: Fix bad range check in bio_sector_offset (Martin K. Petersen) [2.6.32-300.34.1.] - htrimer: fix kabi breakage (Joe Jin) - 2.6.32.x: timekeeping: Add missing update call in timekeeping_resume() (Thomas Gleixner) - 2.6.32.x: hrtimer: Update hrtimer base offsets each hrtimer_interrupt (John Stultz) - 2.6.32.x: timekeeping: Provide hrtimer update function (Thomas Gleixner) - 2.6.32.x: hrtimers: Move lock held region in hrtimer_interrupt() (Thomas Gleixner) - 2.6.32.x: timekeeping: Maintain ktime_t based offsets for hrtimers (Thomas Gleixner) - 2.6.32.x: timekeeping: Fix leapsecond triggered load spike issue (John Stultz) - 2.6.32.x: hrtimer: Provide clock_was_set_delayed() (John Stultz) - 2.6.32.x: time: Move common updates to a function (Thomas Gleixner) - 2.6.32.x: timekeeping: Fix CLOCK_MONOTONIC inconsistency during leapsecond (John Stultz) - 2.6.32.x: ntp: Correct TAI offset during leap second (Richard Cochran) - 2.6.32.x: ntp: Fix leap-second hrtimer livelock (John Stultz) - Revert '2.6.32.x: hrtimer: Fix clock_was_set so it is safe to call from irq context' (Joe Jin) - Revert '2.6.32.x: time: Fix leapsecond triggered hrtimer/futex load spike issue' (Joe Jin) - Revert '2.6.32.x: hrtimer: Update hrtimer base offsets each hrtimer_interrupt' (Joe Jin) [2.6.32-300.33.1.] - mpt2sas: Update mpt2sas to 120.105.11.00 (Guru Anbalagane) [Orabug: 14376481] - Revert 'mpt2sas: update to 12.105.11.00' (Maxim Uvarov) IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3412 Oracle Linux 5 Oracle Linux 6 [2.6.39-200.33.1] - sfc: Replace some literal constants with EFX_PAGE_SIZE/EFX_BUF_SIZE (Ben Hutchings) [Orabug: 14769994] - CVE-2012-3412 sfc: Fix maximum number of TSO segments and minimum TX queue size (Ben Hutchings) [Orabug: 14769994] {CVE-2012-3412} IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3412 Oracle Linux 5 Oracle Linux 6 [2.6.39-200.34.1] - [net/sfc] limit number of segments per skb on tx (Maxim Uvarov) [Orabug: 14769994] {CVE-2012-3412} IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3412 Oracle Linux 5 Oracle Linux 6 [2.6.32-300.38.1] - [net/sfc] limit number of segments per skb on tx (Maxim Uvarov) [Orabug: 14769994] {CVE-2012-3412} IMPORTANT Copyright 2012 Oracle, Inc. CVE-2012-3412 Oracle Linux 5 Oracle Linux 6 [2.6.39-300.17.2] - hugepages: fix use after free bug in 'quota' handling [Orabug: 15845276] {CVE-2012-2133} - udf: Fortify loading of sparing table [Orabug: 15845302] {CVE-2012-3400} - udf: Avoid run away loop when partition table length is corrupt [Orabug: 15845302] {CVE-2012-3400} - mm: Hold a file reference in madvise_remove [Orabug: 15846025] {CVE-2012-3511} MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2133 CVE-2012-3400 CVE-2012-3511 Oracle Linux 5 Oracle Linux 6 [2.6.32-300.39.1] - hugepages: fix use after free bug in 'quota' handling [15842385] {CVE-2012-2133} - mm: Hold a file reference in madvise_remove [15842884] {CVE-2012-3511} - udf: Fortify loading of sparing table [15843730] {CVE-2012-3400} - udf: Avoid run away loop when partition table length is corrupt [15843730] {CVE-2012-3400} MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2133 CVE-2012-3400 CVE-2012-3511 Oracle Linux 5 Oracle Linux 6 [2.6.39-300.17.3] - mm/hotplug: correctly add new zone to all other nodes zone lists (Jiang Liu) [Orabug: 16020976 Bug-db: 14798] {CVE-2012-5517} - Divide by zero in TCP congestion control Algorithm. (Jesper Dangaard Brouer) [Orabug: 16020656 Bug-db: 14798] {CVE-2012-4565} - Fix length of buffer copied in __nfs4_get_acl_uncached (Sachin Prabhu) [Bug- db: 14798] {CVE-2012-2375} - Avoid reading past buffer when calling GETACL (Sachin Prabhu) [Bug-db: 14798] {CVE-2012-2375} - Avoid beyond bounds copy while caching ACL (Sachin Prabhu) [Bug-db: 14798] {CVE-2012-2375} MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2375 CVE-2012-4565 CVE-2012-5517 Oracle Linux 5 Oracle Linux 6 [2.6.32-300.39.2] - ext4: fix undefined behavior in ext4_fill_flex_info() (Xi Wang) [orabug 16020245] {CVE-2012-2100} - Divide by zero in TCP congestion control Algorithm (Jesper Dangaard Brouer) [orabug 16020447] {CVE-2012-4565} - ipv6: discard overlapping fragment (Luis Henriques) [orabug 16021354] {CVE-2012-4444} MODERATE Copyright 2012 Oracle, Inc. CVE-2012-2100 CVE-2012-4444 CVE-2012-4565