The upstream vendor has released the GFS and cluster modules for this
kernel.
i386
Dependencies:
cman-kernel-2.6.9-50.2.0.1.i686.rpm
cman-kernel-hugemem-2.6.9-50.2.0.1.i686.rpm
cman-kernel-smp-2.6.9-50.2.0.1.i686.rpm
cman-kernel-xenU-2.6.9-50.2.0.1.i686.rpm
cman-kernheaders-2.6.9-50.2.0.1.i686.rpm
cmirror-kernel-2.6.9-32.0.0.1.i686.rpm
cmirror-kernel-hugemem-2.6.9-32.0.0.1.i686.rpm
cmirror-kernel-smp-2.6.9-32.0.0.1.i686.rpm
cmirror-kernel-xenU-2.6.9-32.0.0.1.i686.rpm
dlm-kernel-2.6.9-46.16.0.1.i686.rpm
dlm-kernel-hugemem-2.6.9-46.16.0.1.i686.rpm
dlm-kernel-smp-2.6.9-46.16.0.1.i686.rpm
dlm-kernel-xenU-2.6.9-46.16.0.1.i686.rpm
dlm-kernheaders-2.6.9-46.16.0.1.i686.rpm
GFS-kernel-2.6.9-72.2.0.2.i686.rpm
GFS-kernel-hugemem-2.6.9-72.2.0.2.i686.rpm
GFS-kernel-smp-2.6.9-72.2.0.2.i686.rpm
GFS-kernel-xenU-2.6.9-72.2.0.2.i686.rpm
GFS-kernheaders-2.6.9-72.2.0.2.i686.rpm
gnbd-kernel-2.6.9-10.20.0.1.i686.rpm
gnbd-kernel-hugemem-2.6.9-10.20.0.1.i686.rpm
gnbd-kernel-smp-2.6.9-10.20.0.1.i686.rpm
gnbd-kernel-xenU-2.6.9-10.20.0.1.i686.rpm
gnbd-kernheaders-2.6.9-10.20.0.1.i686.rpm
x86_64
Dependencies:
cman-kernel-2.6.9-50.2.0.1.x86_64.rpm
cman-kernel-largesmp-2.6.9-50.2.0.1.x86_64.rpm
cman-kernel-smp-2.6.9-50.2.0.1.x86_64.rpm
cman-kernel-xenU-2.6.9-50.2.0.1.x86_64.rpm
cman-kernheaders-2.6.9-50.2.0.1.x86_64.rpm
cmirror-kernel-2.6.9-32.0.0.1.x86_64.rpm
cmirror-kernel-largesmp-2.6.9-32.0.0.1.x86_64.rpm
cmirror-kernel-smp-2.6.9-32.0.0.1.x86_64.rpm
cmirror-kernel-xenU-2.6.9-32.0.0.1.x86_64.rpm
dlm-kernel-2.6.9-46.16.0.1.x86_64.rpm
dlm-kernel-largesmp-2.6.9-46.16.0.1.x86_64.rpm
dlm-kernel-smp-2.6.9-46.16.0.1.x86_64.rpm
dlm-kernel-xenU-2.6.9-46.16.0.1.x86_64.rpm
dlm-kernheaders-2.6.9-46.16.0.1.x86_64.rpm
GFS-kernel-2.6.9-72.2.0.2.x86_64.rpm
GFS-kernel-largesmp-2.6.9-72.2.0.2.x86_64.rpm
GFS-kernel-smp-2.6.9-72.2.0.2.x86_64.rpm
GFS-kernel-xenU-2.6.9-72.2.0.2.x86_64.rpm
GFS-kernheaders-2.6.9-72.2.0.2.x86_64.rpm
gnbd-kernel-2.6.9-10.20.0.1.x86_64.rpm
gnbd-kernel-largesmp-2.6.9-10.20.0.1.x86_64.rpm
gnbd-kernel-smp-2.6.9-10.20.0.1.x86_64.rpm
gnbd-kernel-xenU-2.6.9-10.20.0.1.x86_64.rpm
gnbd-kernheaders-2.6.9-10.20.0.1.x86_64.rpm
Troy
Troy Dawson wrote:
> Synopsis: Important: kernel security update
> Issue date: 2007-06-25
> CVE Names: CVE-2006-5158 CVE-2006-7203 CVE-2007-0773
> CVE-2007-0958 CVE-2007-1353 CVE-2007-2172
> CVE-2007-2525 CVE-2007-2876 CVE-2007-3104
>
> These new kernel packages contain fixes for the security issues described
> below:
>
> * a flaw in the connection tracking support for SCTP that allowed a remote
> user to cause a denial of service by dereferencing a NULL pointer.
> (CVE-2007-2876, Important)
>
> * a flaw in the mount handling routine for 64-bit systems that allowed a
> local user to cause denial of service (crash). (CVE-2006-7203, Important)
>
> * a flaw in the IPv4 forwarding base that allowed a local user to cause an
> out-of-bounds access. (CVE-2007-2172, Important)
>
> * a flaw in the PPP over Ethernet implementation that allowed a local user
> to cause a denial of service (memory consumption) by creating a socket
> using connect and then releasing it before the PPPIOCGCHAN ioctl has been
> called. (CVE-2007-2525, Important)
>
> * a flaw in the fput ioctl handling of 32-bit applications running on
> 64-bit platforms that allowed a local user to cause a denial of service
> (panic). (CVE-2007-0773, Important)
>
> * a flaw in the NFS locking daemon that allowed a local user to cause
> denial of service (deadlock). (CVE-2006-5158, Moderate)
>
> * a flaw in the sysfs_readdir function that allowed a local user to cause a
> denial of service by dereferencing a NULL pointer. (CVE-2007-3104,
> Moderate)
>
> * a flaw in the core-dump handling that allowed a local user to create core
> dumps from unreadable binaries via PT_INTERP. (CVE-2007-0958, Low)
>
> * a flaw in the Bluetooth subsystem that allowed a local user to trigger an
> information leak. (CVE-2007-1353, Low)
>
> In addition, the following bugs were addressed:
>
> * the NFS could recurse on the same spinlock. Also, NFS, under certain
> conditions, did not completely clean up Posix locks on a file close,
> leading to mount failures.
>
> * the 32bit compatibility didn't return to userspace correct values for the
> rt_sigtimedwait system call.
>
> * the count for unused inodes could be incorrect at times, resulting in
> dirty data not being written to disk in a timely manner.
>
> * the cciss driver had an incorrect disk size calculation (off-by-one
> error) which prevented disk dumps.
>
> NOTE1:
> From The Upstream Vendors release notes
> "During PCI probing, Red Hat Enterprise Linux 4 Update 5 attempts to use
> information obtained from MCFG (memory-mapped PCI configuration space).
> On AMD-systems, this type of access does not work on some buses, as the
> kernel cannot parse the MCFG table.
>
> To work around this, add the parameter pci=conf1 or pci=nommconf on the
> kernel boot line in /etc/grub.conf. For example:
>
> title Red Hat Enterprise Linux AS (2.6.9-42.0.2.EL)
> root (hd0,0)
> kernel /vmlinuz-2.6.9-42.0.2.EL ro
> root=/dev/VolGroup00/LogVol00 rhgb quiet pci=conf1
> initrd /initrd-2.6.9-42.0.2.EL.img
>
> Doing this instructs the kernel to use PCI Conf1 access instead of
> MCFG-based access."
>
> NOTE2:
> From The Upstream Vendors Knowledge Base
> "Why did the ordering of my NIC devices change in Red Hat Enterprise
> Linux 4.5?
>
> The 2.6.9-55 version of the Red Hat Enterprise Linux 4 kernel (Update 5)
> reverts to the 2.4 ordering of network interface cards (NICs) on certain
> systems. Note that if the "HWADDR=MAC ADDRESS" line is present in the
> /etc/sysconfig/network-scripts/ifcfg-ethX files, the NIC ordering will
> not change.
>
> To restore the original 2.6 ordering, which is different from the 2.4
> ordering, boot with the option pci=nobfsort "
>
>
> SL 4.x
>
> SRPMS:
> kernel-2.6.9-55.0.2.EL.src.rpm
> i386:
> kernel-2.6.9-55.0.2.EL.i686.rpm
> kernel-devel-2.6.9-55.0.2.EL.i686.rpm
> kernel-doc-2.6.9-55.0.2.EL.noarch.rpm
> kernel-hugemem-2.6.9-55.0.2.EL.i686.rpm
> kernel-hugemem-devel-2.6.9-55.0.2.EL.i686.rpm
> kernel-smp-2.6.9-55.0.2.EL.i686.rpm
> kernel-smp-devel-2.6.9-55.0.2.EL.i686.rpm
> kernel-xenU-2.6.9-55.0.2.EL.i686.rpm
> kernel-xenU-devel-2.6.9-55.0.2.EL.i686.rpm
>
> Dependancies:
> kernel-module-fuse-2.6.9-55.0.2.EL-2.5.3-1.SL.i686.rpm
> kernel-module-fuse-2.6.9-55.0.2.ELhugemem-2.5.3-1.SL.i686.rpm
> kernel-module-fuse-2.6.9-55.0.2.ELsmp-2.5.3-1.SL.i686.rpm
> kernel-module-fuse-2.6.9-55.0.2.ELxenU-2.5.3-1.SL.i686.rpm
> kernel-module-ipw3945-2.6.9-55.0.2.EL-1.1.0-1.SL4.i686.rpm
> kernel-module-ipw3945-2.6.9-55.0.2.ELhugemem-1.1.0-1.SL4.i686.rpm
> kernel-module-ipw3945-2.6.9-55.0.2.ELsmp-1.1.0-1.SL4.i686.rpm
> kernel-module-ipw3945-2.6.9-55.0.2.ELxenU-1.1.0-1.SL4.i686.rpm
> kernel-module-madwifi-2.6.9-55.0.2.EL-0.9.3.1-10.sl4.i686.rpm
> kernel-module-madwifi-2.6.9-55.0.2.ELhugemem-0.9.3.1-10.sl4.i686.rpm
> kernel-module-madwifi-2.6.9-55.0.2.ELsmp-0.9.3.1-10.sl4.i686.rpm
> kernel-module-madwifi-hal-2.6.9-55.0.2.EL-0.9.3.1-10.sl4.i686.rpm
> kernel-module-madwifi-hal-2.6.9-55.0.2.ELhugemem-0.9.3.1-10.sl4.i686.rpm
> kernel-module-madwifi-hal-2.6.9-55.0.2.ELsmp-0.9.3.1-10.sl4.i686.rpm
> kernel-module-ndiswrapper-2.6.9-55.0.2.EL-1.41-1.SL.i686.rpm
> kernel-module-ndiswrapper-2.6.9-55.0.2.ELhugemem-1.41-1.SL.i686.rpm
> kernel-module-ndiswrapper-2.6.9-55.0.2.ELsmp-1.41-1.SL.i686.rpm
> kernel-module-ndiswrapper-2.6.9-55.0.2.ELxenU-1.41-1.SL.i686.rpm
> kernel-module-openafs-2.6.9-55.0.2.EL-1.4.4-46.SL4.i686.rpm
> kernel-module-openafs-2.6.9-55.0.2.ELhugemem-1.4.4-46.SL4.i686.rpm
> kernel-module-openafs-2.6.9-55.0.2.ELsmp-1.4.4-46.SL4.i686.rpm
> kernel-module-openafs-2.6.9-55.0.2.ELxenU-1.4.4-46.SL4.i686.rpm
> kernel-module-r1000-2.6.9-55.0.2.EL-2.2-2.SL4x.i686.rpm
> kernel-module-r1000-2.6.9-55.0.2.ELhugemem-2.2-2.SL4x.i686.rpm
> kernel-module-r1000-2.6.9-55.0.2.ELsmp-2.2-2.SL4x.i686.rpm
> kernel-module-r1000-2.6.9-55.0.2.ELxenU-2.2-2.SL4x.i686.rpm
>
> x86_64:
> kernel-2.6.9-55.0.2.EL.x86_64.rpm
> kernel-devel-2.6.9-55.0.2.EL.x86_64.rpm
> kernel-doc-2.6.9-55.0.2.EL.noarch.rpm
> kernel-largesmp-2.6.9-55.0.2.EL.x86_64.rpm
> kernel-largesmp-devel-2.6.9-55.0.2.EL.x86_64.rpm
> kernel-smp-2.6.9-55.0.2.EL.x86_64.rpm
> kernel-smp-devel-2.6.9-55.0.2.EL.x86_64.rpm
> kernel-xenU-2.6.9-55.0.2.EL.x86_64.rpm
> kernel-xenU-devel-2.6.9-55.0.2.EL.x86_64.rpm
>
> Dependancies:
> kernel-module-fuse-2.6.9-55.0.2.EL-2.5.3-1.SL.x86_64.rpm
> kernel-module-fuse-2.6.9-55.0.2.ELlargesmp-2.5.3-1.SL.x86_64.rpm
> kernel-module-fuse-2.6.9-55.0.2.ELsmp-2.5.3-1.SL.x86_64.rpm
> kernel-module-fuse-2.6.9-55.0.2.ELxenU-2.5.3-1.SL.x86_64.rpm
> kernel-module-ipw3945-2.6.9-55.0.2.EL-1.1.0-1.SL4.x86_64.rpm
> kernel-module-ipw3945-2.6.9-55.0.2.ELlargesmp-1.1.0-1.SL4.x86_64.rpm
> kernel-module-ipw3945-2.6.9-55.0.2.ELsmp-1.1.0-1.SL4.x86_64.rpm
> kernel-module-ipw3945-2.6.9-55.0.2.ELxenU-1.1.0-1.SL4.x86_64.rpm
> kernel-module-madwifi-2.6.9-55.0.2.EL-0.9.3.1-10.sl4.x86_64.rpm
> kernel-module-madwifi-2.6.9-55.0.2.ELlargesmp-0.9.3.1-10.sl4.x86_64.rpm
> kernel-module-madwifi-2.6.9-55.0.2.ELsmp-0.9.3.1-10.sl4.x86_64.rpm
> kernel-module-madwifi-hal-2.6.9-55.0.2.EL-0.9.3.1-10.sl4.x86_64.rpm
> kernel-module-madwifi-hal-2.6.9-55.0.2.ELlargesmp-0.9.3.1-10.sl4.x86_64.rpm
>
> kernel-module-madwifi-hal-2.6.9-55.0.2.ELsmp-0.9.3.1-10.sl4.x86_64.rpm
> kernel-module-ndiswrapper-2.6.9-55.0.2.EL-1.41-1.SL.x86_64.rpm
> kernel-module-ndiswrapper-2.6.9-55.0.2.ELlargesmp-1.41-1.SL.x86_64.rpm
> kernel-module-ndiswrapper-2.6.9-55.0.2.ELsmp-1.41-1.SL.x86_64.rpm
> kernel-module-ndiswrapper-2.6.9-55.0.2.ELxenU-1.41-1.SL.x86_64.rpm
> kernel-module-openafs-2.6.9-55.0.2.EL-1.4.4-46.SL4.x86_64.rpm
> kernel-module-openafs-2.6.9-55.0.2.ELlargesmp-1.4.4-46.SL4.x86_64.rpm
> kernel-module-openafs-2.6.9-55.0.2.ELsmp-1.4.4-46.SL4.x86_64.rpm
> kernel-module-openafs-2.6.9-55.0.2.ELxenU-1.4.4-46.SL4.x86_64.rpm
> kernel-module-r1000-2.6.9-55.0.2.EL-2.2-2.SL4x.x86_64.rpm
> kernel-module-r1000-2.6.9-55.0.2.ELlargesmp-2.2-2.SL4x.x86_64.rpm
> kernel-module-r1000-2.6.9-55.0.2.ELsmp-2.2-2.SL4x.x86_64.rpm
> kernel-module-r1000-2.6.9-55.0.2.ELxenU-2.2-2.SL4x.x86_64.rpm
>
> The upstream vendor has not released the GFS src.rpm yet. When
> they release it we will rebuild and send it out.
>
> -Connie Sieh
> -Troy Dawson
--
__________________________________________________
Troy Dawson [log in to unmask] (630)840-6468
Fermilab ComputingDivision/LCSI/CSI DSS Group
__________________________________________________
|