RHEL4.5 Eratta Kernel kernel-2.6.9-55.0.2.EL、Oracle's EL kernel-2.6.9-55.0.2.0.1.EL と RHEL4.6候補 Kernel 2.6.9-55.15.EL

Linux

[RHSA-2007:0488-01] Important: kernel security update
[El-errata] ELSA-2007-0488 Important: Enterprise Linux 4 kernel security update
にちなんで。

と言いつつ、ちなんでないところから。
stream U6(RHEL4.6) http://people.redhat.com/~jbaron/rhel4/kernel-2.6.spec より 2.6.9-55.8 から 2.6.9-55.15の changelog

%changelog
* Fri Jun 29 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.15]
-fix potential oops in ext[23] when acl ERR_PTR not recognized (Eric Sandeen) [241885]
-dm: move fn call that could block outside spinlock (Jonathan Brassow) [242068]
-Mirror writes to non-synced regions must be marked/cleared in the log (Jonathan Brassow) [242074]
-fix sleeping function called from invalid context warning in bridge code (Neil Horman) [241807]
-umount: avoid racy block-size set (Eric Sandeen) [234922]
-don't add certain scsi devices (Josef Bacik) [244108]
-fix overlapping bio's problem in raid5 (Josef Bacik) [244109]
-nfs: make sure O_SYNC writes return errors (Jeff Layton) [244709]
-ipvs: fix ipvs state variable when service thread fails to start (Neil Horman) [235760]

* Thu Jun 28 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.14]
-ppc: add eHCA driver (Janice Girouard) [222908]
-Resolve ATA issues with HP5750's CDROM (Prarit Bhargava) [226947 240027]
-fix for unbalanced cpu scheduling (Ernie Petrides) [239286]
-fix libata reference counting (Bryn Reeves) [241215]
-4g4g: remove unused var in alloc_ldt() (Jerome Marchand) [223851]
-fix netpoll to reply to arp frames over bonded interfaces (Neil Horman) [239551]
-Modify EFI to warn for only pre-1.00 tables (Prarit Bhargava) [240378]
-fix ipv4 'Treason uncloaked' message (Anton Arapov) [238725]
-fix for bogus resource data w/multi-threaded exec (Ernie Petrides) [240349]
-Remove non-existing SB600 raid id (Prarit Bhargava) [244041]

* Tue Jun 26 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.13]
-ext3: fix block bitmap leakage on ENOSPC (Eric Sandeen) [228461]
-ppc: fix rt_sigreturn does not restore context after interrupted syscall (Janice Girouard) [194570]
-Add smaps functionality to RHEL-4 (Chris Lalancette) [215407]
-ext3: handle orphan inodes vs. readonly snapshots (Eric Sandeen) [217928]
-fix irqbalance causes oops during PCI removal (Kimball Murray) [229584]
-fix sys_flock() double-free (Dave Anderson) [234367]
-fix diskdump fails when configure partition#15 device (Nobuhiro Tachino) [228573]
-back out previous nfs4_init_client patch and apply upstream version (Jeff Layton) [236606]

* Mon Jun 25 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.12]
-nfs: fix permission handling for truncate calls (Jeff Layton) [191533]
-nfs: Properly retry operations that return NFS4ERR_OLD_STATEID (Jeff Layton) [236606]
-nfs: when creating files, only hash the dentry if create was successful (Jeff Layton) [239625]
-nfs: add nordirplus option (Jeff Layton) [240122]
-nfs: protocol V3 :write procedure patch (Peter Staubach) [222798]
-nfs: fix context close race (Josef Bacik) [239039]
-nfs: fix mishandling of dentries during create style operations (Peter Staubach) [224424]
-sunrpc: fix several NFS server oopses when using krb5i with NFSv3 (Jeff Layton) [227726]
-when downsizing RPC response buffer, account for checksum (Jeff Layton) [240419]
-fix fcntl(F_SETLEASE, F_WRLCK) for a file on NFS always returns EAGAIN (Peter Staubach) [182616]
-tg3: update to version 3.77 (Neil Horman) [229685]

* Thu Jun 21 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.11]
-natsemi: fix driver hang under heavy load (Andy Gospodarek) [226308]
-reduce loglevel for some selinux messages (Eric Paris) [224000]
-qeth: fix layer 2 MAC address recovery on virtual interfaces (Chris Snook) [238576]
-fix double kfree in smbfs (Jeff Layton) [232211]
-clean-up of device-mapper mirror code (Jonathan Brassow) [236270]
-device-mapper: unconditionalize log flush (Jonathan Brassow) [235040]
-dm-raid1.c: rh_in_sync should be allowed to block (Jonathan Brassow) [236626]
-smbfs: add default dir_mode and file_mode when one isn't specified in options (Jeff Layton) [168280]
-smbfs: fix slab corruption due to bad error handling in smb_add_request (Jeff Layton) [234300]

* Wed Jun 20 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.10]
-add support for Intel 6300ESB Watchdog timer (Jason Baron) [228623]
-fix 32-bit process running on a 64-bit kernel cannot use IPC msgsnd/msgrcv larger than 64K (Jerome Marchand) [230661]
-check to see if AGP is valid before reporting aperture size (Brian Maly) [211580]
-nbd: fix race in nbd driver (Neil Horman) [233653]
-only set implicit MAY_WRITE intent flag for permission check in open_namei() (Jeff Layton) [229177]
-fix nfs_fhget to return appropriate errors (Jeff Layton) [189615]
-dio: clean up completion phase of direct_io_worker() (Jeff Moyer) [198859 207114]
-aio: fix sleeping function called from invalid context at kernel/workqueue.c (Jeff Moyer) [190729]
-aio: fix indefinite hang in process exit path (Jeff Moyer) [210281]

* Mon Jun 18 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.9]
-remove 'extern inline' declarations (Jason Baron) [179622]
-sis900: fix rx ring refill order (Neil Horman) [219085]
-make MADV_DONTNEED scalable (Rik van Riel) [237679]
-add missing audit_notify_watch() to removexattr (Alexander Viro) [174707]
-Fix memory leak in dma_alloc_coherent() (Prarit Bhargava) [243657]
-bonding: various upstream cherry-picks (Andy Gospodarek) [223100 160340 232597 230077 225472]
-forcedeth: update to driver version 0.60 (Andy Gospodarek) [221910] 

* Wed Jun 13 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.8]
-mask off high order mode bits when doing NFS setattr calls (Jeff Layton) [227188]
-fix error handling in check_partition() (Eric Sandeen) [229709]
-call mntget() before doing a follow_link() (Josef Bacik) [233119]
-fix DoS in PPPOE (Neil Horman) [239823] {CVE-2007-2525}
-fix out of bounds fib_probs access vulnerability (Neil Horman) [236387] {CVE-2007-2172}
-ip_conntrack_sctp: fix remotely triggerable NULL ptr dereference (Don Howard) [243245] {CVE-2007-2876}
-cciss: fix size calculation in diskdump (Bryn Reeves) [243834]

そして本題に戻って、 RHEL 4.5 z-stream ftp://ftp.redhat.com/pub/redhat/linux/updates/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-55.0.2.EL.src.rpm の kernel-2.6.spec より 2.6.9-55.0.1と 2.6.9-55.0.2の changelog

%changelog
* Tue Jun 12 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.0.2]
-cciss: fix size calculation in diskdump (Bryn Reeves) [243902]

* Mon Jun 11 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.0.1]
-fix kernel spinlock panic in nfs/inode.c (Peter Staubach) [240855]
-fix core-dumping unreadable binaries via PT_INTERP (Eric Sandeen) [243256] {CVE-2007-0958}
-nlm: when reclaiming locks, skip non-posix locks (Jeff Layton) [243251] {CVE-2006-5158}
-add missing fput() in a 32-bit ioctl on 64-bit x86 systems (Jeff Burke) [243252] {CVE-2007-0773}
-prevent oops in compat_sys_mount with NULL data pointer (Jeff Layton) [243263] {CVE-2006-7203}
-fix 32bit-compat rt_sigtimedwait (Guy Streeter) [240458]
-nfs: fix repeated NFS mount failures lead to kernel panic (Peter Staubach) [240851]
-safely store sysfs inode nrs in the sysfs dirent (Eric Sandeen) [242558] 
-protect sysfs ->s_dentry w/ locking (Eric Sandeen) [242558]
-fix nr_unused accounting (Eric Sandeen) [241784]
-fix bluetooth setsockopt() information leaks (Don Howard) [243259] {CVE-2007-1353}
-fix DoS in PPPOE (Neil Horman) [243262] {CVE-2007-2525}
-fix out of bounds fib_probs access vulnerability (Neil Horman) [243261] {CVE-2007-2172}
-ip_conntrack_sctp: fix remotely triggerable NULL ptr dereference (Don Howard) [243746] {CVE-2007-2876}

あれ、http://people.redhat.com/~jbaron/rhel4/kernel-2.6.spec に 240855 ないじゃんとか思ったんだけど、240855 – kernel spinlock panic in inode.c には

This bug has been copied from bug #228076 and has been proposed to be backported to 4.5 z-stream (EUS).

だそうで、 228076 – kernel spinlock panic in inode.c には

committed in stream U6 build 55.4.

だそうで。確かに

 * Tue May 22 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.4]

-fix kernel spinlock panic in nfs/inode.c (Peter Staubach) [228076]

ってあった。RHEL4.5 Eratta Kernel候補 07-Jun-2007 13:52更新分 kernel-2.6.9-55.7.EL - tmpfile::memo にもあるけどメモ。


ちなみに http://oss.oracle.com/el4/SRPMS-updates/kernel-2.6.9-55.0.2.0.1.EL.src.rpm の kernel-2.6.spec より 2.6.9-55.0.2.0.1の changelog

%changelog
* Mon Jun 25 2007 Guru Anbalagane <guru.anbalagane@oracle.com> [2.6.9-55.0.2.0.1]
- fix entropy flag in bnx2 driver to generate entropy pool (John Sobecki)  [orabug 5931647]
- fix for nfs open call taking longer issue (Chuck Lever) orabug 5580407 bz [219412]
- fix  enomem due to larger mtu size page alloc (Zach Brown) orabug 5486128
- fix per_cpu() api bug_on with rds (Zach Brown) orabug 5760648
- limit nr_requests in cfq io scheduler ( Jens Axboe) bz 234278 orabug 5899829

ようは Oracle's EL での追加変更は http://d.hatena.ne.jp/tmpfile/20070519/p1 と変化なし。