ELSA-2008-0957

Описание

[2.6.18-92.1.17.0.1.el5]

• [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
• [NFS] nfs attribute timeout fix (Trond Myklebust) [orabug 7156607] [RHBZ 446083]
• [NET] Add entropy support to e1000 and bnx2 (John Sobecki) [orabug 6045759]
• [NET] fix netpoll race (Tina Yang) [orabugz 5791]

[2.6.18-92.1.17.el5]

• Revert: [nfs] pages of a memory mapped file get corrupted (Peter Staubach ) [450335 435291]

[2.6.18-92.1.16.el5]

• [i386] vDSO: use install_special_mapping (Peter Zijlstra ) [460275 460276] {CVE-2008-3527}
• [scsi] aacraid: remove some quirk AAC_QUIRK_SCSI_32 bits (Tomas Henzl ) [466885 453472]
• [fs] remove SUID when splicing into an inode (Eric Sandeen ) [464451 464452] {CVE-2008-3833}
• [fs] open() allows setgid bit when user is not in group (Eugene Teo ) [463867 463687] {CVE-2008-4210}
• [xen] ia64: fix INIT injection (Tetsu Yamamoto ) [467105 464445]

[2.6.18-92.1.15.el5]

• [pci] fix problems with msi interrupt management (Neil Horman ) [461894 428696]
• [x86_64] revert time syscall changes (Prarit Bhargava ) [466427 461184]
• [xen] allow guests to hide the TSC from applications (Chris Lalancette ) [378471 378481] {CVE-2007-5907}
• [scsi] qla2xxx: additional residual-count correction (Marcus Barrow ) [465741 462117]
• [char] add range_is_allowed check to mmap_mem (Eugene Teo ) [460858 460857]
• [fs] binfmt_misc: avoid potential kernel stack overflow (Vitaly Mayatskikh ) [459464 459463]
• [misc] cpufreq: fix format string bug (Vitaly Mayatskikh ) [459461 459460]
• [dlm] user.c input validation fixes (David Teigland ) [458759 458760]
• [nfs] pages of a memory mapped file get corrupted (Peter Staubach ) [450335 435291]
• [x86_64] gettimeofday fixes for HPET, PMTimer, TSC (Prarit Bhargava ) [462860 250708]

[2.6.18-92.1.14.el5]

• [libata] ata_scsi_rbuf_get check for scatterlist usage (David Milburn ) [460638 455445]
• [net] random32: seeding improvement (Jiri Pirko ) [458021 458019]
• [x86_64] xen: local DOS due to NT bit leakage (Eugene Teo ) [457721 457722] {CVE-2006-5755}
• [fs] cifs: fix O_APPEND on directio mounts (Jeff Layton ) [462591 460063]
• [openib] race between QP async handler and destroy_qp (Brad Peters ) [458781 446109]
• [net] dccp_setsockopt_change integer overflow (Vitaly Mayatskikh ) [459232 459235] {CVE-2008-3276}
• [acpi] error attaching device data (peterm@redhat.com ) [460868 459670]
• [mm] optimize ZERO_PAGE in 'get_user_pages' and fix XIP (Anton Arapov ) [452667 452668] {CVE-2008-2372}
• [xen] xennet: coordinate ARP with backend network status (Herbert Xu ) [461457 458934]
• [xen] event channel lock and barrier (Markus Armbruster ) [461099 457086]
• [fs] fix bad unlock_page in pip_to_file() error path (Larry Woodman ) [462436 439917]