The GFS and Cluster packages for this kernel are now available. SL 4.x i386: cman-kernel-2.6.9-55.13.el4_7.8.i686.rpm cman-kernel-hugemem-2.6.9-55.13.el4_7.8.i686.rpm cman-kernel-smp-2.6.9-55.13.el4_7.8.i686.rpm cman-kernel-xenU-2.6.9-55.13.el4_7.8.i686.rpm cman-kernheaders-2.6.9-55.13.el4_7.8.i686.rpm cmirror-kernel-2.6.9-43.4.el4_7.8.i686.rpm cmirror-kernel-hugemem-2.6.9-43.4.el4_7.8.i686.rpm cmirror-kernel-smp-2.6.9-43.4.el4_7.8.i686.rpm cmirror-kernel-xenU-2.6.9-43.4.el4_7.8.i686.rpm dlm-kernel-2.6.9-54.11.11.i686.rpm dlm-kernel-hugemem-2.6.9-54.11.11.i686.rpm dlm-kernel-smp-2.6.9-54.11.11.i686.rpm dlm-kernel-xenU-2.6.9-54.11.11.i686.rpm dlm-kernheaders-2.6.9-54.11.11.i686.rpm GFS-kernel-2.6.9-80.9.10.i686.rpm GFS-kernel-hugemem-2.6.9-80.9.10.i686.rpm GFS-kernel-smp-2.6.9-80.9.10.i686.rpm GFS-kernel-xenU-2.6.9-80.9.10.i686.rpm GFS-kernheaders-2.6.9-80.9.10.i686.rpm gnbd-kernel-2.6.9-10.50.el4_7.8.i686.rpm gnbd-kernel-hugemem-2.6.9-10.50.el4_7.8.i686.rpm gnbd-kernel-smp-2.6.9-10.50.el4_7.8.i686.rpm gnbd-kernel-xenU-2.6.9-10.50.el4_7.8.i686.rpm gnbd-kernheaders-2.6.9-10.50.el4_7.8.i686.rpm x86_64: cman-kernel-2.6.9-55.13.el4_7.8.x86_64.rpm cman-kernel-largesmp-2.6.9-55.13.el4_7.8.x86_64.rpm cman-kernel-smp-2.6.9-55.13.el4_7.8.x86_64.rpm cman-kernel-xenU-2.6.9-55.13.el4_7.8.x86_64.rpm cman-kernheaders-2.6.9-55.13.el4_7.8.x86_64.rpm cmirror-kernel-2.6.9-43.4.el4_7.8.x86_64.rpm cmirror-kernel-largesmp-2.6.9-43.4.el4_7.8.x86_64.rpm cmirror-kernel-smp-2.6.9-43.4.el4_7.8.x86_64.rpm cmirror-kernel-xenU-2.6.9-43.4.el4_7.8.x86_64.rpm dlm-kernel-2.6.9-54.11.el4_7.11.x86_64.rpm dlm-kernel-largesmp-2.6.9-54.11.el4_7.11.x86_64.rpm dlm-kernel-smp-2.6.9-54.11.el4_7.11.x86_64.rpm dlm-kernel-xenU-2.6.9-54.11.el4_7.11.x86_64.rpm dlm-kernheaders-2.6.9-54.11.el4_7.11.x86_64.rpm GFS-kernel-2.6.9-80.9.el4_7.10.x86_64.rpm GFS-kernel-largesmp-2.6.9-80.9.el4_7.10.x86_64.rpm GFS-kernel-smp-2.6.9-80.9.el4_7.10.x86_64.rpm GFS-kernel-xenU-2.6.9-80.9.el4_7.10.x86_64.rpm GFS-kernheaders-2.6.9-80.9.el4_7.10.x86_64.rpm gnbd-kernel-2.6.9-10.50.el4_7.8.x86_64.rpm gnbd-kernel-largesmp-2.6.9-10.50.el4_7.8.x86_64.rpm gnbd-kernel-smp-2.6.9-10.50.el4_7.8.x86_64.rpm gnbd-kernel-xenU-2.6.9-10.50.el4_7.8.x86_64.rpm gnbd-kernheaders-2.6.9-10.50.el4_7.8.x86_64.rpm Thanks Troy Dawson Troy J Dawson wrote: > Synopsis: Important: kernel security and bug fix update > Issue date: 2009-01-14 > CVE Names: CVE-2008-3275 CVE-2008-4933 CVE-2008-4934 > CVE-2008-5025 CVE-2008-5029 CVE-2008-5300 > CVE-2008-5702 > > This update addresses the following security issues: > > * the sendmsg() function in the Linux kernel did not block during UNIX > socket garbage collection. This could, potentially, lead to a local denial > of service. (CVE-2008-5300, Important) > > * when fput() was called to close a socket, the __scm_destroy() function in > the Linux kernel could make indirect recursive calls to itself. This could, > potentially, lead to a local denial of service. (CVE-2008-5029, Important) > > * a deficiency was found in the Linux kernel virtual file system (VFS) > implementation. This could allow a local, unprivileged user to make a > series of file creations within deleted directories, possibly causing a > denial of service. (CVE-2008-3275, Moderate) > > * a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog > timer driver. This deficiency could lead to a possible information leak. By > default, the "/dev/watchdog" device is accessible only to the root user. > (CVE-2008-5702, Low) > > * the hfs and hfsplus file systems code failed to properly handle corrupted > data structures. This could, potentially, lead to a local denial of > service. (CVE-2008-4933, CVE-2008-5025, Low) > > * a flaw was found in the hfsplus file system implementation. This could, > potentially, lead to a local denial of service when write operations were > performed. (CVE-2008-4934, Low) > > This update also fixes the following bugs: > > * when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running > Intel® CPUs, the cpuspeed daemon did not run, preventing the CPU speed from > being changed, such as not being reduced to an idle state when not in use. > > * mmap() could be used to gain access to beyond the first megabyte of RAM, > due to insufficient checks in the Linux kernel code. Checks have been added > to prevent this. > > * attempting to turn keyboard LEDs on and off rapidly on keyboards with > slow keyboard controllers, may have caused key presses to fail. > > * after migrating a hypervisor guest, the MAC address table was not > updated, causing packet loss and preventing network connections to the > guest. Now, a gratuitous ARP request is sent after migration. This > refreshes the ARP caches, minimizing network downtime. > > * writing crash dumps with diskdump may have caused a kernel panic on > Non-Uniform Memory Access (NUMA) systems with certain memory > configurations. > > * on big-endian systems, such as PowerPC, the getsockopt() function > incorrectly returned 0 depending on the parameters passed to it when the > time to live (TTL) value equaled 255, possibly causing memory corruption > and application crashes. > > * a problem in the kernel packages provided by the RHSA-2008:0508 advisory > caused the Linux kernel's built-in memory copy procedure to return the > wrong error code after recovering from a page fault on AMD64 and Intel 64 > systems. This may have caused other Linux kernel functions to return wrong > error codes. > > * a divide-by-zero bug in the Linux kernel process scheduler, which may > have caused kernel panics on certain systems, has been resolved. > > * the netconsole kernel module caused the Linux kernel to hang when slave > interfaces of bonded network interfaces were started, resulting in a system > hang or kernel panic when restarting the network. > > * the "/proc/xen/" directory existed even if systems were not running Red > Hat Virtualization. This may have caused problems for third-party software > that checks virtualization-ability based on the existence of "/proc/xen/". > Note: this update will remove the "/proc/xen/" directory on systems not > running Red Hat Virtualization. > > This updated kernel-utils package adds an enhancement in the way of proper > support for user-space frequency-scaling on multi-core systems. > > SL 4.x > > SRPMS: > kernel-2.6.9-78.0.13.EL.src.rpm > kernel-utils-2.4-14.1.117.2.1.src.rpm > i386: > kernel-2.6.9-78.0.13.EL.i686.rpm > kernel-devel-2.6.9-78.0.13.EL.i686.rpm > kernel-doc-2.6.9-78.0.13.EL.noarch.rpm > kernel-hugemem-2.6.9-78.0.13.EL.i686.rpm > kernel-hugemem-devel-2.6.9-78.0.13.EL.i686.rpm > kernel-smp-2.6.9-78.0.13.EL.i686.rpm > kernel-smp-devel-2.6.9-78.0.13.EL.i686.rpm > kernel-utils-2.4-14.1.117.2.1.i386.rpm > kernel-xenU-2.6.9-78.0.13.EL.i686.rpm > kernel-xenU-devel-2.6.9-78.0.13.EL.i686.rpm > Dependancies: > kernel-module-fuse-2.6.9-78.0.13.EL-2.7.3-1.SL.i686.rpm > kernel-module-fuse-2.6.9-78.0.13.ELhugemem-2.7.3-1.SL.i686.rpm > kernel-module-fuse-2.6.9-78.0.13.ELsmp-2.7.3-1.SL.i686.rpm > kernel-module-fuse-2.6.9-78.0.13.ELxenU-2.7.3-1.SL.i686.rpm > kernel-module-ipw3945-2.6.9-78.0.13.EL-1.1.0-1.SL4.i686.rpm > kernel-module-ipw3945-2.6.9-78.0.13.ELhugemem-1.1.0-1.SL4.i686.rpm > kernel-module-ipw3945-2.6.9-78.0.13.ELsmp-1.1.0-1.SL4.i686.rpm > kernel-module-ipw3945-2.6.9-78.0.13.ELxenU-1.1.0-1.SL4.i686.rpm > kernel-module-madwifi-2.6.9-78.0.13.EL-0.9.4-10.sl4.i686.rpm > kernel-module-madwifi-2.6.9-78.0.13.ELhugemem-0.9.4-10.sl4.i686.rpm > kernel-module-madwifi-2.6.9-78.0.13.ELsmp-0.9.4-10.sl4.i686.rpm > kernel-module-madwifi-hal-2.6.9-78.0.13.EL-0.9.4-10.sl4.i686.rpm > kernel-module-madwifi-hal-2.6.9-78.0.13.ELhugemem-0.9.4-10.sl4.i686.rpm > kernel-module-madwifi-hal-2.6.9-78.0.13.ELsmp-0.9.4-10.sl4.i686.rpm > kernel-module-ndiswrapper-2.6.9-78.0.13.EL-1.41-1.SL.i686.rpm > kernel-module-ndiswrapper-2.6.9-78.0.13.ELhugemem-1.41-1.SL.i686.rpm > kernel-module-ndiswrapper-2.6.9-78.0.13.ELsmp-1.41-1.SL.i686.rpm > kernel-module-ndiswrapper-2.6.9-78.0.13.ELxenU-1.41-1.SL.i686.rpm > kernel-module-openafs-2.6.9-78.0.13.EL-1.4.7-68.SL4.i686.rpm > kernel-module-openafs-2.6.9-78.0.13.ELhugemem-1.4.7-68.SL4.i686.rpm > kernel-module-openafs-2.6.9-78.0.13.ELsmp-1.4.7-68.SL4.i686.rpm > kernel-module-openafs-2.6.9-78.0.13.ELxenU-1.4.7-68.SL4.i686.rpm > kernel-module-r1000-2.6.9-78.0.13.EL-2.2-2.SL4x.i686.rpm > kernel-module-r1000-2.6.9-78.0.13.ELhugemem-2.2-2.SL4x.i686.rpm > kernel-module-r1000-2.6.9-78.0.13.ELsmp-2.2-2.SL4x.i686.rpm > kernel-module-r1000-2.6.9-78.0.13.ELxenU-2.2-2.SL4x.i686.rpm > kernel-module-xfs-2.6.9-78.0.1.EL-0.4-1.sl4.i386.rpm > > x86_64: > kernel-2.6.9-78.0.13.EL.x86_64.rpm > kernel-devel-2.6.9-78.0.13.EL.x86_64.rpm > kernel-doc-2.6.9-78.0.13.EL.noarch.rpm > kernel-largesmp-2.6.9-78.0.13.EL.x86_64.rpm > kernel-largesmp-devel-2.6.9-78.0.13.EL.x86_64.rpm > kernel-smp-2.6.9-78.0.13.EL.x86_64.rpm > kernel-smp-devel-2.6.9-78.0.13.EL.x86_64.rpm > kernel-utils-2.4-14.1.117.2.1.x86_64.rpm > kernel-xenU-2.6.9-78.0.13.EL.x86_64.rpm > kernel-xenU-devel-2.6.9-78.0.13.EL.x86_64.rpm > Dependancies: > kernel-module-fuse-2.6.9-78.0.13.EL-2.7.3-1.SL.x86_64.rpm > kernel-module-fuse-2.6.9-78.0.13.ELlargesmp-2.7.3-1.SL.x86_64.rpm > kernel-module-fuse-2.6.9-78.0.13.ELsmp-2.7.3-1.SL.x86_64.rpm > kernel-module-fuse-2.6.9-78.0.13.ELxenU-2.7.3-1.SL.x86_64.rpm > kernel-module-ipw3945-2.6.9-78.0.13.EL-1.1.0-1.SL4.x86_64.rpm > kernel-module-ipw3945-2.6.9-78.0.13.ELlargesmp-1.1.0-1.SL4.x86_64.rpm > kernel-module-ipw3945-2.6.9-78.0.13.ELsmp-1.1.0-1.SL4.x86_64.rpm > kernel-module-ipw3945-2.6.9-78.0.13.ELxenU-1.1.0-1.SL4.x86_64.rpm > kernel-module-madwifi-2.6.9-78.0.13.EL-0.9.4-10.sl4.x86_64.rpm > kernel-module-madwifi-2.6.9-78.0.13.ELlargesmp-0.9.4-10.sl4.x86_64.rpm > kernel-module-madwifi-2.6.9-78.0.13.ELsmp-0.9.4-10.sl4.x86_64.rpm > kernel-module-madwifi-hal-2.6.9-78.0.13.EL-0.9.4-10.sl4.x86_64.rpm > kernel-module-madwifi-hal-2.6.9-78.0.13.ELlargesmp-0.9.4-10.sl4.x86_64.rpm > kernel-module-madwifi-hal-2.6.9-78.0.13.ELsmp-0.9.4-10.sl4.x86_64.rpm > kernel-module-ndiswrapper-2.6.9-78.0.13.EL-1.41-1.SL.x86_64.rpm > kernel-module-ndiswrapper-2.6.9-78.0.13.ELlargesmp-1.41-1.SL.x86_64.rpm > kernel-module-ndiswrapper-2.6.9-78.0.13.ELsmp-1.41-1.SL.x86_64.rpm > kernel-module-ndiswrapper-2.6.9-78.0.13.ELxenU-1.41-1.SL.x86_64.rpm > kernel-module-openafs-2.6.9-78.0.13.EL-1.4.7-68.SL4.x86_64.rpm > kernel-module-openafs-2.6.9-78.0.13.ELlargesmp-1.4.7-68.SL4.x86_64.rpm > kernel-module-openafs-2.6.9-78.0.13.ELsmp-1.4.7-68.SL4.x86_64.rpm > kernel-module-openafs-2.6.9-78.0.13.ELxenU-1.4.7-68.SL4.x86_64.rpm > kernel-module-r1000-2.6.9-78.0.13.EL-2.2-2.SL4x.x86_64.rpm > kernel-module-r1000-2.6.9-78.0.13.ELlargesmp-2.2-2.SL4x.x86_64.rpm > kernel-module-r1000-2.6.9-78.0.13.ELsmp-2.2-2.SL4x.x86_64.rpm > kernel-module-r1000-2.6.9-78.0.13.ELxenU-2.2-2.SL4x.x86_64.rpm > > -Connie Sieh > -Troy Dawson > > > > -- __________________________________________________ Troy Dawson [log in to unmask] (630)840-6468 Fermilab ComputingDivision/LCSI/CSI DSS Group __________________________________________________