RHEL4.5 Eratta Kernel kernel-2.6.9-55.0.2.EL、Oracle's EL kernel-2.6.9-55.0.2.0.1.EL と RHEL4.6候補 Kernel 2.6.9-55.15.EL
[RHSA-2007:0488-01] Important: kernel security update
[El-errata] ELSA-2007-0488 Important: Enterprise Linux 4 kernel security update
にちなんで。
と言いつつ、ちなんでないところから。
stream U6(RHEL4.6) http://people.redhat.com/~jbaron/rhel4/kernel-2.6.spec より 2.6.9-55.8 から 2.6.9-55.15の changelog。
%changelog * Fri Jun 29 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.15] -fix potential oops in ext[23] when acl ERR_PTR not recognized (Eric Sandeen) [241885] -dm: move fn call that could block outside spinlock (Jonathan Brassow) [242068] -Mirror writes to non-synced regions must be marked/cleared in the log (Jonathan Brassow) [242074] -fix sleeping function called from invalid context warning in bridge code (Neil Horman) [241807] -umount: avoid racy block-size set (Eric Sandeen) [234922] -don't add certain scsi devices (Josef Bacik) [244108] -fix overlapping bio's problem in raid5 (Josef Bacik) [244109] -nfs: make sure O_SYNC writes return errors (Jeff Layton) [244709] -ipvs: fix ipvs state variable when service thread fails to start (Neil Horman) [235760] * Thu Jun 28 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.14] -ppc: add eHCA driver (Janice Girouard) [222908] -Resolve ATA issues with HP5750's CDROM (Prarit Bhargava) [226947 240027] -fix for unbalanced cpu scheduling (Ernie Petrides) [239286] -fix libata reference counting (Bryn Reeves) [241215] -4g4g: remove unused var in alloc_ldt() (Jerome Marchand) [223851] -fix netpoll to reply to arp frames over bonded interfaces (Neil Horman) [239551] -Modify EFI to warn for only pre-1.00 tables (Prarit Bhargava) [240378] -fix ipv4 'Treason uncloaked' message (Anton Arapov) [238725] -fix for bogus resource data w/multi-threaded exec (Ernie Petrides) [240349] -Remove non-existing SB600 raid id (Prarit Bhargava) [244041] * Tue Jun 26 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.13] -ext3: fix block bitmap leakage on ENOSPC (Eric Sandeen) [228461] -ppc: fix rt_sigreturn does not restore context after interrupted syscall (Janice Girouard) [194570] -Add smaps functionality to RHEL-4 (Chris Lalancette) [215407] -ext3: handle orphan inodes vs. readonly snapshots (Eric Sandeen) [217928] -fix irqbalance causes oops during PCI removal (Kimball Murray) [229584] -fix sys_flock() double-free (Dave Anderson) [234367] -fix diskdump fails when configure partition#15 device (Nobuhiro Tachino) [228573] -back out previous nfs4_init_client patch and apply upstream version (Jeff Layton) [236606] * Mon Jun 25 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.12] -nfs: fix permission handling for truncate calls (Jeff Layton) [191533] -nfs: Properly retry operations that return NFS4ERR_OLD_STATEID (Jeff Layton) [236606] -nfs: when creating files, only hash the dentry if create was successful (Jeff Layton) [239625] -nfs: add nordirplus option (Jeff Layton) [240122] -nfs: protocol V3 :write procedure patch (Peter Staubach) [222798] -nfs: fix context close race (Josef Bacik) [239039] -nfs: fix mishandling of dentries during create style operations (Peter Staubach) [224424] -sunrpc: fix several NFS server oopses when using krb5i with NFSv3 (Jeff Layton) [227726] -when downsizing RPC response buffer, account for checksum (Jeff Layton) [240419] -fix fcntl(F_SETLEASE, F_WRLCK) for a file on NFS always returns EAGAIN (Peter Staubach) [182616] -tg3: update to version 3.77 (Neil Horman) [229685] * Thu Jun 21 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.11] -natsemi: fix driver hang under heavy load (Andy Gospodarek) [226308] -reduce loglevel for some selinux messages (Eric Paris) [224000] -qeth: fix layer 2 MAC address recovery on virtual interfaces (Chris Snook) [238576] -fix double kfree in smbfs (Jeff Layton) [232211] -clean-up of device-mapper mirror code (Jonathan Brassow) [236270] -device-mapper: unconditionalize log flush (Jonathan Brassow) [235040] -dm-raid1.c: rh_in_sync should be allowed to block (Jonathan Brassow) [236626] -smbfs: add default dir_mode and file_mode when one isn't specified in options (Jeff Layton) [168280] -smbfs: fix slab corruption due to bad error handling in smb_add_request (Jeff Layton) [234300] * Wed Jun 20 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.10] -add support for Intel 6300ESB Watchdog timer (Jason Baron) [228623] -fix 32-bit process running on a 64-bit kernel cannot use IPC msgsnd/msgrcv larger than 64K (Jerome Marchand) [230661] -check to see if AGP is valid before reporting aperture size (Brian Maly) [211580] -nbd: fix race in nbd driver (Neil Horman) [233653] -only set implicit MAY_WRITE intent flag for permission check in open_namei() (Jeff Layton) [229177] -fix nfs_fhget to return appropriate errors (Jeff Layton) [189615] -dio: clean up completion phase of direct_io_worker() (Jeff Moyer) [198859 207114] -aio: fix sleeping function called from invalid context at kernel/workqueue.c (Jeff Moyer) [190729] -aio: fix indefinite hang in process exit path (Jeff Moyer) [210281] * Mon Jun 18 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.9] -remove 'extern inline' declarations (Jason Baron) [179622] -sis900: fix rx ring refill order (Neil Horman) [219085] -make MADV_DONTNEED scalable (Rik van Riel) [237679] -add missing audit_notify_watch() to removexattr (Alexander Viro) [174707] -Fix memory leak in dma_alloc_coherent() (Prarit Bhargava) [243657] -bonding: various upstream cherry-picks (Andy Gospodarek) [223100 160340 232597 230077 225472] -forcedeth: update to driver version 0.60 (Andy Gospodarek) [221910] * Wed Jun 13 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.8] -mask off high order mode bits when doing NFS setattr calls (Jeff Layton) [227188] -fix error handling in check_partition() (Eric Sandeen) [229709] -call mntget() before doing a follow_link() (Josef Bacik) [233119] -fix DoS in PPPOE (Neil Horman) [239823] {CVE-2007-2525} -fix out of bounds fib_probs access vulnerability (Neil Horman) [236387] {CVE-2007-2172} -ip_conntrack_sctp: fix remotely triggerable NULL ptr dereference (Don Howard) [243245] {CVE-2007-2876} -cciss: fix size calculation in diskdump (Bryn Reeves) [243834]
そして本題に戻って、 RHEL 4.5 z-stream ftp://ftp.redhat.com/pub/redhat/linux/updates/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-55.0.2.EL.src.rpm の kernel-2.6.spec より 2.6.9-55.0.1と 2.6.9-55.0.2の changelog。
%changelog * Tue Jun 12 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.0.2] -cciss: fix size calculation in diskdump (Bryn Reeves) [243902] * Mon Jun 11 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.0.1] -fix kernel spinlock panic in nfs/inode.c (Peter Staubach) [240855] -fix core-dumping unreadable binaries via PT_INTERP (Eric Sandeen) [243256] {CVE-2007-0958} -nlm: when reclaiming locks, skip non-posix locks (Jeff Layton) [243251] {CVE-2006-5158} -add missing fput() in a 32-bit ioctl on 64-bit x86 systems (Jeff Burke) [243252] {CVE-2007-0773} -prevent oops in compat_sys_mount with NULL data pointer (Jeff Layton) [243263] {CVE-2006-7203} -fix 32bit-compat rt_sigtimedwait (Guy Streeter) [240458] -nfs: fix repeated NFS mount failures lead to kernel panic (Peter Staubach) [240851] -safely store sysfs inode nrs in the sysfs dirent (Eric Sandeen) [242558] -protect sysfs ->s_dentry w/ locking (Eric Sandeen) [242558] -fix nr_unused accounting (Eric Sandeen) [241784] -fix bluetooth setsockopt() information leaks (Don Howard) [243259] {CVE-2007-1353} -fix DoS in PPPOE (Neil Horman) [243262] {CVE-2007-2525} -fix out of bounds fib_probs access vulnerability (Neil Horman) [243261] {CVE-2007-2172} -ip_conntrack_sctp: fix remotely triggerable NULL ptr dereference (Don Howard) [243746] {CVE-2007-2876}
あれ、http://people.redhat.com/~jbaron/rhel4/kernel-2.6.spec に 240855 ないじゃんとか思ったんだけど、240855 – kernel spinlock panic in inode.c には
This bug has been copied from bug #228076 and has been proposed to be backported to 4.5 z-stream (EUS).
だそうで、 228076 – kernel spinlock panic in inode.c には
committed in stream U6 build 55.4.
だそうで。確かに
* Tue May 22 2007 Jason Baron <jbaron@redhat.com> [2.6.9-55.4]
で
-fix kernel spinlock panic in nfs/inode.c (Peter Staubach) [228076]
ってあった。RHEL4.5 Eratta Kernel候補 07-Jun-2007 13:52更新分 kernel-2.6.9-55.7.EL - tmpfile::memo にもあるけどメモ。
ちなみに http://oss.oracle.com/el4/SRPMS-updates/kernel-2.6.9-55.0.2.0.1.EL.src.rpm の kernel-2.6.spec より 2.6.9-55.0.2.0.1の changelog。
%changelog * Mon Jun 25 2007 Guru Anbalagane <guru.anbalagane@oracle.com> [2.6.9-55.0.2.0.1] - fix entropy flag in bnx2 driver to generate entropy pool (John Sobecki) [orabug 5931647] - fix for nfs open call taking longer issue (Chuck Lever) orabug 5580407 bz [219412] - fix enomem due to larger mtu size page alloc (Zach Brown) orabug 5486128 - fix per_cpu() api bug_on with rds (Zach Brown) orabug 5760648 - limit nr_requests in cfq io scheduler ( Jens Axboe) bz 234278 orabug 5899829
ようは Oracle's EL での追加変更は http://d.hatena.ne.jp/tmpfile/20070519/p1 と変化なし。