Skip to content

"SLC5X: Letter K: kernel-headers

kernel-headers - Header files for the Linux kernel for use by glibc

Website: http://www.kernel.org/
License: GPLv2
Vendor: Scientific Linux CERN, https://cern.ch/linux
Description:
Kernel-headers includes the C header files that specify the interface
between the Linux kernel and userspace libraries and programs.  The
header files define structures and constants that are needed for
building most standard programs and are also needed for rebuilding the
glibc package.

Packages

kernel-headers-2.6.18-436.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2018-11-22):
- [x86] call wrmsr_safe_on_cpu instead of wrmsr_on_cpu from spec_ctrl_reinit_all_cpus (Chris von Recklinghausen) [1651481]
kernel-headers-2.6.18-434.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2018-08-23):
- [x86] mm/dump_pagetables: Add a check_l1tf debugfs file (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] cpu: Make flush_l1d visible in /proc/cpuinfo (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] cpufeatures: Add detection of L1D cache flush support. (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] l1tf: protect _PAGE_FILE PTEs against speculation (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] speculation/l1tf: Extend 64bit swap file size limit (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] bugs: Move the l1tf function and define pr_fmt properly (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] speculation/l1tf: Limit swap file size to MAX_PA/2 (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] speculation/l1tf: Add sysfs reporting for l1tf (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] speculation/l1tf: Protect PROT_NONE PTEs against speculation (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] speculation/l1tf: Protect swap entries against L1TF (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] speculation/l1tf: Change order of offset/type in swap entry (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] cpu: Fix incorrect vulnerabilities files function prototypes (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] bugs: Export the internal __cpu_bugs variable (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] spec_ctrl: sync with upstream cpu_set_bug_bits() (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86]  intel-family.h: Add GEMINI_LAKE SOC (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] mm: Fix swap entry comment and macro (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
- [x86] mm: Move swap offset/type up in PTE to work around erratum (Chris von Recklinghausen) [1593378] {CVE-2018-3620 CVE-2018-3646}
kernel-headers-2.6.18-433.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2018-06-28):
- [x86] cpufeatures: Resolve X86_FEATURE_SMEP definition conflict (Radomir Vrbovsky) [1570474]
kernel-headers-2.6.18-431.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2018-05-02):
- [x86] entry/64: do not use DEBUG IST stack for INT3 #BP exceptions (Prarit Bhargava) [1570954] {CVE-2018-8897}
kernel-headers-2.6.18-430.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2018-04-11):
- [mm] vmalloc: optimization, cleanup, bugfixes (Rafael Aquini) [1562529]
kernel-headers-2.6.18-426.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2018-02-07):
- [x86] x86/mm/kaiser: avoid spurious faults while modifying the idt (Rafael Aquini) [1539925]
- [x86] x86/mm/kaiser: map idt_table in shadow pgd individually (Rafael Aquini) [1539925]
- [x86] x86/mm: check PMD in spurious_fault handler (Rafael Aquini) [1539925]
- [x86] x86/mm: make spurious fault handler aware of large mappings (Rafael Aquini) [1539925]
- [x86] x86/mm: ignore spurious faults (Rafael Aquini) [1539925]
- [x86] x86/kexec: clear page before initializing kexec PGD (Rafael Aquini) [1540050]
- [x86] x86/kernel: fix VSYSCALL_HPET shadow mapping placement (Rafael Aquini) [1540043 1540889]
kernel-headers-2.6.18-423.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2017-09-22):
- [fs] binfmt_elf.c: fix bug in loading of PIE binaries (Petr  Matousek) [1492987] {CVE-2017-1000253}
kernel-headers-2.6.18-422.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2017-07-19):
- [mm] Backport upstream 1MB stack guard patch to RHEL5 (Larry Woodman) [1467938]
- Revert [mm] enlarge stack guard gap (Larry Woodman) [1467938]
kernel-headers-2.6.18-420.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2017-06-08):
- [mm] enlarge stack guard gap (Larry Woodman) [1452722] {CVE-2017-1000364 CVE-2017-1000366}
kernel-headers-2.6.18-419.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2017-02-22):
- [net] dccp: Use AF-independent rebuild_header routine (Hannes Frederic Sowa) [1424751]
- [net] dccp: fix freeing skb too early for IPV6_RECVPKTINFO (Hannes Frederic Sowa) [1424633] {CVE-2017-6074}
- [redhat] kernel.spec.template: disable autoloading for dccp proto (Hannes Frederic Sowa) [1425177]
kernel-headers-2.6.18-418.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2017-01-13):
- [sched] prevent NULL deref in find_busiest_group (Denys Vlasenko) [1376523]
kernel-headers-2.6.18-417.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2016-11-19):
- [virt] hv: do not lose pending heartbeat vmbus packets (Vitaly Kuznetsov) [1391167]
- [net] Fix use after free in the recvmmsg exit path (Davide Caratti) [1390044] {CVE-2016-7117}
kernel-headers-2.6.18-416.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2016-10-26):
- [mm] Fix Privilege escalation via MAP_PRIVATE (Larry Woodman) [1385112] {CVE-2016-5195}
kernel-headers-2.6.18-412.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2016-08-01):
- [s390] kernel: Fix tlb flushing with idte. (Hendrik Brueckner) [1350541]
- [fs] Do not double unlock the dcache_lock in d_materialise_unique (Miklos Szeredi) [1198315]
kernel-headers-2.6.18-411.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2016-06-02):
- [fs] fuse: Fixes default ACL inheritance (Rodrigo Freire) [1326905]
kernel-headers-2.6.18-410.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2016-04-08):
- [fs] gfs2: Only refresh newer in-memory timestamps (Abhijith Das) [1304847]
kernel-headers-2.6.18-409.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2016-02-12):
- [fs] ext4: limit group search loop for non-extent files (Lukas Czerner) [1301100]
- [fb] vm: convert fb_mmap to vm_iomap_memory() helper (Jacob Tanenbaum) [1035240] {CVE-2013-2596}
- [s390] add dummy io_remap_pfn_range() to asm-s390/pgtable.h (Jacob Tanenbaum) [1035240] {CVE-2013-2596}
- [mm] vm: add vm_iomap_memory() helper function (Jacob Tanenbaum) [1035240] {CVE-2013-2596}
- [sched] prevent division by zero x->cpu_power (Denys Vlasenko) [1209728]
- [xen] x86: fully ignore segment override for register-only ops (Mateusz Guzik) [1200373] {CVE-2015-2151}
kernel-headers-2.6.18-408.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2015-12-11):
- [net] udp: fix behavior of wrong checksums (Denys Vlasenko) [1240757] {CVE-2015-5364 CVE-2015-5366}
- [net] ipv6/udp: Use correct var to determine non-blocking cond (Denys Vlasenko) [1240757] {CVE-2015-5364 CVE-2015-5366}
- [net] SNMP: Restore Udp6InErrors incrementation (Denys Vlasenko) [1240757] {CVE-2015-5364 CVE-2015-5366}
kernel-headers-2.6.18-407.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2015-10-16):
- [utrace] check ->utrace != NULL in utrace_unsafe_exec() (Oleg Nesterov) [1226967]
- [s390] zcrypt: Fixed reset and interrupt handling of AP queues (Hendrik Brueckner) [1238991]
kernel-headers-2.6.18-406.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2015-05-01):
- [fs] pipe: fix pipe corruption and iovec overrun on partial copy (Mateusz Guzik) [1203787] {CVE-2015-1805}
kernel-headers-2.6.18-404.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2015-03-06):
- [infiniband] core: Prevent integer overflow in ib_umem_get (Doug Ledford) [1179353] {CVE-2014-8159}
kernel-headers-2.6.18-402.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2015-01-08):
- [block] virtio: Reset device after blk_cleanup_queue() (Stefan Hajnoczi) [1006536]
- [block] virtio: Call del_gendisk() before disable guest kick (Stefan Hajnoczi) [1006536]
- [block] virtio: Drop unused request tracking list (Stefan Hajnoczi) [1006536]
- [fs] cifs: setfacl removes part of ACL when setting POSIX ACLs (Sachin Prabhu) [1105625]
- [fs] splice: perform generic write checks (Eric Sandeen) [1155908] {CVE-2014-7822}
- [fs] ext4: verify block bitmap (Lukas Czerner) [1034403]
- [fs] ext4: fix type declaration of ext4_validate_block_bitmap (Lukas Czerner) [1034403]
- [fs] ext4: error out if verifying the block bitmap fails (Lukas Czerner) [1034403]
- [x86] traps: stop using IST for #SS (Petr Matousek) [1172809] {CVE-2014-9322}
kernel-headers-2.6.18-400.1.1.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2014-12-14):
- [x86] traps: stop using IST for #SS (Petr Matousek) [1172809] {CVE-2014-9322}
kernel-headers-2.6.18-400.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2014-10-17):
- [net] bridge: disable snooping if there is no querier (Frantisek Hrbata) [902454]
- [s390] kernel: sysinfo: convert /proc/sysinfo to seqfile (Alexander Gordeev) [1131283]
- [net] netlink: verify permisions of socket creator (Jiri Benc) [1094266] {CVE-2014-0181}
- [net] netlink: store effective caps at socket() time (Jiri Benc) [1094266] {CVE-2014-0181}
- [net] netlink: Rename netlink_capable netlink_allowed (Jiri Benc) [1094266] {CVE-2014-0181}
- [net] netlink: Fix permission check in netlink_connect() (Jiri Benc) [1094266] {CVE-2014-0181}
- [net] netlink: fix possible spoofing from non-root processes (Jiri Benc) [1094266] {CVE-2014-0181}
- [net] netlink: Make NETLINK_USERSOCK work again (Jiri Benc) [1094266] {CVE-2014-0181}
- [net] netlink: fix for too early rmmod (Jiri Benc) [1094266] {CVE-2014-0181}
kernel-headers-2.6.18-398.el5.i386 [1.5 MiB] Changelog by Alexander Gordeev (2014-08-12):
- [net] security_socket_post_accept before fd_install in sys_accept (Denys Vlasenko) [1059078]
kernel-headers-2.6.18-371.12.1.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2014-08-07):
- [audit] auditsc: audit_krule mask accesses need bounds checking (Denys Vlasenko) [1102702 1102703] {CVE-2014-3917}
- [mm] writeback: Fix hang when low on memory due to NFS traffic (Larry Woodman) [1125246 1080194]
- [net] tg3: Fix Read DMA workaround for 5719 A0 (Ivan Vecera) [1121017 924590]
- [fs] jbd: don't wake kjournald unnecessarily (Denys Vlasenko) [1116027 1081785]
- [fs] jbd: don't wait (forever) for stale tid caused by wraparound (Denys Vlasenko) [1116027 1081785]
- [fs] ext4: fix waiting and sending of barrier in ext4_sync_file() (Denys Vlasenko) [1116027 1081785]
- [fs] jbd2: Add function jbd2_trans_will_send_data_barrier() (Denys Vlasenko) [1116027 1081785]
- [fs] jbd2: fix sending of data flush on journal commit (Denys Vlasenko) [1116027 1081785]
- [fs] ext4, jbd2: Add barriers for file systems with ext journals (Denys Vlasenko) [1116027 1081785]
- [fs] jbd: fix fsync() tid wraparound bug (Denys Vlasenko) [1116027 1081785]
- [fs] ext4: fix fdatasync() for files with only i_size changes (Eric Sandeen) [1117665 1102768]
kernel-headers-2.6.18-371.11.1.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2014-06-30):
- [fs] dcache: fix cleanup on warning in d_splice_alias (Denys Vlasenko) [1109720 1080606]
- [net] neigh: Make neigh_add_timer symmetrical to neigh_del_timer (Marcelo Ricardo Leitner) [1111195 1109888]
- [net] neigh: set NUD_INCOMPLETE when probing router reachability (Marcelo Ricardo Leitner) [1106354 1090806]
- [net] ipv6: router reachability probing (Marcelo Ricardo Leitner) [1106354 1090806]
- [net] ipv6: probe routes asynchronous in rt6_probe (Marcelo Ricardo Leitner) [1106354 1090806]
- [net] ndisc: Update neigh->updated with write lock (Marcelo Ricardo Leitner) [1106354 1090806]
- [net] ipv6: remove the unnecessary statement in find_match() (Marcelo Ricardo Leitner) [1106354 1090806]
- [net] ipv6: fix route selection if CONFIG_IPV6_ROUTER_PREF unset (Marcelo Ricardo Leitner) [1106354 1090806]
- [net] ipv6: Fix def route failover when CONFIG_IPV6_ROUTER_PREF=n (Marcelo Ricardo Leitner) [1106354 1090806]
- [net] ipv6: Prefer reachable nexthop only if the caller requests (Marcelo Ricardo Leitner) [1106354 1090806]
- [fs] ext4/jbd2: don't wait forever stale tid caused by wraparound (Eric Sandeen) [1097528 980268]
- [fs] ext4: Initialize fsync transaction ids in ext4_new_inode() (Eric Sandeen) [1097528 980268]
- [fs] jbd2: don't wake kjournald unnecessarily (Eric Sandeen) [1097528 980268]
- [fs] jbd2: fix fsync() tid wraparound bug (Eric Sandeen) [1097528 980268]
- [infiniband] rds: do not deref NULL dev in rds_iw_laddr_check() (Jacob Tanenbaum) [1093311 1093312] {CVE-2014-2678}
- [fs] nfs4: Add recovery for individual stateids - partial backport. (Dave Wysochanski) [1113468 867570]
- [fs] nfs4: Don't start state recovery in nfs4_close_done - clean backport. (Dave Wysochanski) [1113468 867570]
- [xen] page-alloc: scrub anonymous domain heap pages upon freeing (Vitaly Kuznetsov) [1103648 1103649] {CVE-2014-4021}
kernel-headers-2.6.18-371.9.1.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2014-05-13):
- [nfs] sunrpc: don't use a credential with extra groups (Mateusz Guzik) [1095062 976201]
- [scsi] lpfc: Remove NDLP reference put in lpfc_cmpl_els_logo_acc (Rob Evers) [1096061 1075228]
- [infiniband] rds: dereference of a NULL device (Jacob Tanenbaum) [1079216 1079217] {CVE-2013-7339}
- [kernel] futex: check relative timeouts for overflow (Denys Vlasenko) [1091832 1084168]
- [virt] kvm: correctly detect KVM when hv emulation is enalbed (Jason Wang) [1094152 985767]
- [security] Fix spurious warnings in security_ops_task_setrlimit (Mateusz Guzik) [1092869 916235]
- [block] floppy: don't write kernel-only members to FDRAWCMD output (Denys Vlasenko) [1094302 1094303] {CVE-2014-1738 CVE-2014-1737}
- [block] floppy: ignore kernel-only members in FDRAWCMD input (Denys Vlasenko) [1094302 1094303] {CVE-2014-1738 CVE-2014-1737}
kernel-headers-2.6.18-371.8.1.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2014-03-28):
- [virt] HID: memory corruption flaw drivers/usb/input/hid-core.c (Jacob Tanenbaum) [1032996 1032999] {CVE-2013-2888}
- [virt] HID: memory corruption flaw in drivers/hv/hid-core.c (Jacob Tanenbaum) [1032996 1032999] {CVE-2013-2888}
- [scsi] lpfc: Fix task management commands having a fixed timeout (Ewan Milne) [1073123 1061120]
- [net] tcp: drop SYN+FIN messages (Jiri Pirko) [1066057 1066058] {CVE-2012-6638}
- [fs] GFS2: Check if glock held in gfs2_readpage (Robert S Peterson) [1073953 1063434]
- [net] sunrpc: fix deadlock in task wakeup code (Jeff Layton) [1073731 998126]
kernel-headers-2.6.18-371.6.1.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2014-02-18):
- [net] be2net: don't use skb_get_queue_mapping() (Ivan Vecera) [1066302 1063955]
- [ipc] change refcount to atomic_t (Phillip Lougher) [1024866 1024868] {CVE-2013-4483}
- [s390] qeth: buffer overflow in snmp ioctl (Jacob Tanenbaum) [1034402 1034404] {CVE-2013-6381}
- [scsi] AACRAID Driver compat IOCTL missing capability check (Jacob Tanenbaum) [1033531 1033532] {CVE-2013-6383}
- [xen] x86/AMD: work around erratum 793 (Radim Krcmar) [1035834 1035836] {CVE-2013-6885}
- [xen] do not expose hypercalls to rings 1 and 2 of HVM guests (Andrew Jones) [1029112 1029113] {CVE-2013-4554}
- [redhat] kabi: Adding symbol print_hex_dump (Jiri Olsa) [1054055 662558]
- [scsi] Add 'eh_deadline' to limit SCSI EH runtime (Ewan Milne) [1050097 956132]
- [scsi] remove check for 'resetting' (Ewan Milne) [1050097 956132]
- [scsi] dc395: Move 'last_reset' into internal host structure (Ewan Milne) [1050097 956132]
- [scsi] tmscsim: Move 'last_reset' into host structure (Ewan Milne) [1050097 956132]
- [scsi] advansys: Remove 'last_reset' references (Ewan Milne) [1050097 956132]
- [scsi] dpt_i2o: return SCSI_MLQUEUE_HOST_BUSY when in reset (Ewan Milne) [1050097 956132]
- [scsi] dpt_i2o: Remove DPTI_STATE_IOCTL (Ewan Milne) [1050097 956132]
- [net] ipv6: fix leaking uninit port number of offender sockaddr (Florian Westphal) [1035880 1035881] {CVE-2013-7264 CVE-2013-7265 CVE-2013-7281 CVE-2013-7263}
- [net] fix addr_len/msg->msg_namelen assign in recv_error funcs (Florian Westphal) [1035880 1035881] {CVE-2013-7264 CVE-2013-7265 CVE-2013-7281 CVE-2013-7263}
- [net] prevent leakage of uninitialized memory to user in recv (Florian Westphal) [1035880 1035881] {CVE-2013-7264 CVE-2013-7265 CVE-2013-7281 CVE-2013-7263}
- [net] be2net: prevent Tx stall on SH-R when packet size < 32 (Ivan Vecera) [1051535 1007995]
- [net] be2net: Trim padded packets for Lancer (Ivan Vecera) [1051535 1007995]
- [net] be2net: Pad skb to meet min Tx pkt size in lancer (Ivan Vecera) [1051535 1007995]
- [net] be2net: refactor HW workarounds in be_xmit() (Ivan Vecera) [1051535 1007995]
- [fs] exec/ptrace: fix get_dumpable() incorrect tests (Petr Oros) [1039483 1039484] {CVE-2013-2929}
kernel-headers-2.6.18-371.4.1.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2014-01-08):
- [char] ipmi: fix message handling during panics (Tony Camuso) [1049731 995293]
- [net] igb: Use 32bit mask calculating the flow control watermarks (Stefan Assmann) [1041694 1036115]
- [fs] NTLM auth and sign - Use appropriate server challenge (Sachin Prabhu) [1029865 1018286]
- [xen] gnttab: correct locking order reversal (Radim Krcmar) [1026245 1026246] {CVE-2013-4494}
kernel-headers-2.6.18-371.3.1.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2013-11-11):
- [net] be2net: don't use GRO for packets w/ re-inserted VLAN tags (Ivan Vecera) [1023348 1008691]
- [net] tg3: call pci_enable_wake() to set power state (John Feeney) [1014973 996331]
- [misc] backport fixes for percpu-rw-semaphore (Mikulas Patocka) [1014715 867997]
- [xen] information leak via I/O instruction emulation (Igor Mammedov) [1009602 1009603] {CVE-2013-4355}
kernel-headers-2.6.18-371.1.2.el5.i386 [1.5 MiB] Changelog by Radomir Vrbovsky (2013-10-07):
- [xen] x86: check segment descriptor read result in 64-bit OUTS emulation (Radim Krcmar) [1012958 1012959] {CVE-2013-4368}
- [md] dm snapshot: fix data corruption (Mikulas Patocka) [1004734 975353] {CVE-2013-4299}
kernel-headers-2.6.18-371.el5.i386 [1.5 MiB] Changelog by Phillip Lougher (2013-09-05):
- [net] be2net: enable polling prior enabling interrupts globally (Ivan Vecera) [987539]
kernel-headers-2.6.18-348.21.1.el5.i386 [1.4 MiB] Changelog by Alexander Gordeev (2013-11-20):
- [md] dm snapshot: fix data corruption (Mikulas Patocka) [1019678 975353] {CVE-2013-4299}
- [misc] backport fixes for percpu-rw-semaphore (Mikulas Patocka) [884735 867997]
- [net] be2net: Activate new FW after FW download for Lancer (Ivan Vecera) [1019892 982590]
- [net] be2net: Fix initialization sequence for Lancer (Ivan Vecera) [1019892 982590]
- [net] be2net: Fix FW download in Lancer (Ivan Vecera) [1019892 982590]
kernel-headers-2.6.18-348.19.1.el5.i386 [1.4 MiB] Changelog by Alexander Gordeev (2013-10-14):
- [fs] gfs2: yield() in shrinker to allow glock_workqueues to run (Abhijith Das) [1006164 928518]
kernel-headers-2.6.18-348.18.1.el5.i386 [1.4 MiB] Changelog by Alexander Gordeev (2013-09-06):
- [net] be2net: enable polling prior enabling interrupts globally (Ivan Vecera) [1005239 987539]
- [kernel] signals: stop info leak via tkill and tgkill syscalls (Oleg Nesterov) [970874 970875] {CVE-2013-2141}
- [net] ipv6: do udp_push_pending_frames AF_INET sock pending data (Jiri Benc) [987647 987648] {CVE-2013-4162}
- [mm] use-after-free in madvise_remove() (Jacob Tanenbaum) [849735 849736] {CVE-2012-3511}
- [fs] autofs: remove autofs dentry mount check (Ian Kent) [1001488 928098]
kernel-headers-2.6.18-348.16.1.el5.i386 [1.4 MiB] Changelog by Alexander Gordeev (2013-07-26):
- [x86_64] Fix kdump failure due to 'x86_64: Early segment setup' (Paolo Bonzini) [988251 987244]
- [xen] skip tracing if it was disabled instead of dying (Igor Mammedov) [987976 967053]
- [ia64] fix KABI breakage on ia64 (Prarit Bhargava) [966878 960783]
- [x86] fpu: fix CONFIG_PREEMPT=y corruption of FPU stack (Prarit Bhargava) [948187 731531]
- [i386] add sleazy FPU optimization (Prarit Bhargava) [948187 731531]
- [x86-64] non lazy 'sleazy' fpu implementation (Prarit Bhargava) [948187 731531]
kernel-headers-2.6.18-348.12.1.el5.i386 [1.4 MiB] Changelog by Alexander Gordeev (2013-07-01):
- Revert: [fs] afs: export a couple of core functions for AFS write support (Lukas Czerner) [960014 692071]
- Revert: [fs] ext4: drop ec_type from the ext4_ext_cache structure (Lukas Czerner) [960014 692071]
- Revert: [fs] ext4: handle NULL p_ext in ext4_ext_next_allocated_block() (Lukas Czerner) [960014 692071]
- Revert: [fs] ext4: make FIEMAP and delayed allocation play well together (Lukas Czerner) [960014 692071]
- Revert: [fs] ext4: Fix possibly very long loop in fiemap (Lukas Czerner) [960014 692071]
- Revert: [fs] ext4: prevent race while walking extent tree for fiemap (Lukas Czerner) [960014 692071]
kernel-headers-2.6.18-348.6.1.el5.i386 [1.4 MiB] Changelog by Alexander Gordeev (2013-04-26):
- [char] ipmi: use a tasklet for handling received messages (Tony Camuso) [953435 947732]
- [char] ipmi: do run_to_completion properly in deliver_recv_msg (Tony Camuso) [953435 947732]
- [fs] nfs4: fix locking around cl_state_owners list (Dave Wysochanski) [954296 948317]
- [fs] nfs: Fix bugs on short read (Sachin Prabhu) [952098 924011]
- [xen] AMD IOMMU: spot missing IO-APIC entries in IVRS table (Igor Mammedov) [910912 910913] {CVE-2013-0153}
- [xen] AMD, IOMMU: Make per-device interrupt remap table default (Igor Mammedov) [910912 910913] {CVE-2013-0153}
- [xen] AMD, IOMMU: Disable IOMMU if SATA Combined mode is on (Igor Mammedov) [910912 910913] {CVE-2013-0153}
- [xen] AMD, IOMMU: On creating entry clean up in remapping tables (Igor Mammedov) [910912 910913] {CVE-2013-0153}
- [xen] ACPI: acpi_table_parse() should return handler's err code (Igor Mammedov) [910912 910913] {CVE-2013-0153}
- [xen] introduce xzalloc() & Co (Igor Mammedov) [910912 910913] {CVE-2013-0153}
- [x86] fpu: fix CONFIG_PREEMPT=y corruption of FPU stack (Prarit Bhargava) [948187 731531]
- [i386] add sleazy FPU optimization (Prarit Bhargava) [948187 731531]
- [x86-64] non lazy 'sleazy' fpu implementation (Prarit Bhargava) [948187 731531]
kernel-headers-2.6.18-348.4.1.el5.i386 [1.4 MiB] Changelog by Alexander Gordeev (2013-03-22):
- [virt] xen-netback: backports (Andrew Jones) [910884 910885] {CVE-2013-0216}
- [virt] xen-netback: netif_schedulable should take a netif (Andrew Jones) [910884 910885] {CVE-2013-0216}
- [virt] pciback: rate limit error mess from pciback_enable_msi() (Igor Mammedov) [910876 910877] {CVE-2013-0231}
- [net] be2net: remove BUG_ON() in be_mcc_compl_is_new() (Ivan Vecera) [923910 907524]
- [net] ipv4: Update MTU to all related cache entries (Amerigo Wang) [923353 905190]
- [net] annotate rt_hash_code() users (Amerigo Wang) [923353 905190]
- [net] xfrm_user: fix info leak in copy_to_user_state() (Thomas Graf) [922426 922427] {CVE-2012-6537}
- [net] xfrm_user: fix info leak in copy_to_user_policy() (Thomas Graf) [922426 922427] {CVE-2012-6537}
- [net] xfrm_user: fix info leak in copy_to_user_tmpl() (Thomas Graf) [922426 922427] {CVE-2012-6537}
- [net] atm: fix info leak in getsockopt(SO_ATMPVC) (Thomas Graf) [922384 922385] {CVE-2012-6546}
- [net] atm: fix info leak via getsockname() (Thomas Graf) [922384 922385] {CVE-2012-6546}
- [net] tun: fix ioctl() based info leaks (Thomas Graf) [922348 922349] {CVE-2012-6547}
- [net] llc, zero sockaddr_llc struct (Thomas Graf) [922327 922329] {CVE-2012-6542}
- [net] llc: fix info leak via getsockname() (Thomas Graf) [922327 922329] {CVE-2012-6542}
- [net] xfrm_user: return error pointer instead of NULL (Thomas Graf) [919386 919387] {CVE-2013-1826}
- [net] ixgbevf: allocate room for mailbox MSI-X interrupt's name (Laszlo Ersek) [924134 862862]
- [fs] knfsd: allow nfsd READDIR to return 64bit cookies (Niels de Vos) [924087 918952]
kernel-headers-2.6.18-348.3.1.el5.i386 [1.4 MiB] Changelog by Alexander Gordeev (2013-03-05):
- [utrace] ensure arch_ptrace() can never race with SIGKILL (Oleg Nesterov) [912071 912072] {CVE-2013-0871}
- [x86] msr: Add capabilities check (Nikola Pajkovsky) [908696 908697] {CVE-2013-0268}
kernel-headers-2.6.18-348.2.1.el5.i386 [1.4 MiB] Changelog by Alexander Gordeev (2013-02-07):
- [misc] tainted flags, fix buffer size (Prarit Bhargava) [905829 901547]
- [net] be2net: fix unconditionally returning IRQ_HANDLED in INTx (Ivan Vecera) [884704 878316]
- [net] be2net: fix INTx ISR for interrupt behaviour on BE2 (Ivan Vecera) [884704 878316]
- [net] be2net: fix a possible events_get() race on BE2 (Ivan Vecera) [884704 878316]
- [firmware] Expand kernel boot-time storage for DMI table structs (Lenny Szubowicz) [902683 862865]
- [fs] udf: Fortify loading of sparing table (Nikola Pajkovsky) [843140 843141] {CVE-2012-3400}
- [fs] udf: Improve table length check to avoid possible overflow (Nikola Pajkovsky) [843140 843141] {CVE-2012-3400}
- [fs] udf: Avoid run away loop when partition table is corrupted (Nikola Pajkovsky) [843140 843141] {CVE-2012-3400}
kernel-headers-2.6.18-348.1.1.el5.i386 [1.4 MiB] Changelog by Alexander Gordeev (2012-12-14):
- [pci] intel-iommu: reduce max num of domains supported (Don Dutile) [886876 885125]
- [fs] gfs2: Fix leak of cached directory hash table (Steven Whitehouse) [886124 831330]
- [x86] mm: randomize SHLIB_BASE (Petr Matousek) [804953 804954] {CVE-2012-1568}
- [net] be2net: create RSS rings even in multi-channel configs (Ivan Vecera) [884702 878209]
- [net] tg3: Avoid dma read error (John Feeney) [885692 877474]
- [misc] Fix unsupported hardware message (Prarit Bhargava) [885063 876587]
- [net] ipv6: discard overlapping fragment (Jiri Pirko) [874837 874838] {CVE-2012-4444}
- [usb] Fix serial port reference counting on hotplug remove (Don Zickus) [885700 845447]
- [net] bridge: export its presence and fix bonding igmp reporting (Veaceslav Falico) [884742 843473]
- [fs] nfs: move wait for server->active from put_super to kill_sb (Jeff Layton) [884708 839839]
- [scsi] libfc: fix indefinite rport restart (Neil Horman) [884740 595184]
- [scsi] libfc: Retry a rejected PRLI request (Neil Horman) [884740 595184]
- [scsi] libfc: Fix remote port restart problem (Neil Horman) [884740 595184]
- [xen] memop: limit guest specified extent order (Laszlo Ersek) [878449 878450] {CVE-2012-5515}
- [xen] get bottom of EBDA from the multiboot data structure (Paolo Bonzini) [885062 881885]
kernel-headers-2.6.18-348.el5.i386 [1.4 MiB] Changelog by Phillip Lougher (2012-11-28):
- Revert: [x86] exclude iomem resource over 4G for i686 non PAE ... (Phillip Lougher) [880068]
kernel-headers-2.6.18-308.24.1.el5.i386 [1.3 MiB] Changelog by Alexander Gordeev (2012-11-21):
- Revert: [scsi] sg: fix races during device removal (Ewan Milne) [868950 861004]
kernel-headers-2.6.18-308.20.1.el5.i386 [1.3 MiB] Changelog by Alexander Gordeev (2012-11-06):
- Revert: [x86] mm: randomize SHLIB_BASE (Dave Anderson) [804953 804954] {CVE-2012-1568}
kernel-headers-2.6.18-308.16.1.el5.i386 [1.3 MiB] Changelog by Alexander Gordeev (2012-09-18):
- Revert: [fs] nfsd4: Remove check for a 32-bit cookie in nfsd4_readdir() (Eric Sandeen) [847943 784191]
- Revert: [fs] add new FMODE flags: FMODE_32bithash and FMODE_64bithash (Eric Sandeen) [847943 784191]
- Revert: [fs] nfsd: rename 'int access' to 'int may_flags' in nfsd_open() (Eric Sandeen) [847943 784191]
- Revert: [fs] nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (Eric Sandeen) [847943 784191]
- Revert: [fs] vfs: add generic_file_llseek_size (Eric Sandeen) [847943 784191]
- Revert: [s390/ppc64] add is_compat_task() for s390 and ppc64 (Eric Sandeen) [847943 784191]
- Revert: [fs] ext3: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191]
- Revert: [fs] ext4: improve llseek error handling for large seek offsets (Eric Sandeen) [847943 784191]
- Revert: [fs] ext4: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191]
- Revert: [fs] vfs: allow custom EOF in generic_file_llseek code (Eric Sandeen) [847943 784191]
- Revert: [fs] ext4: use core vfs llseek code for dir seeks (Eric Sandeen) [847943 784191]
- Revert: [fs] ext3: pass custom EOF to generic_file_llseek_size() (Eric Sandeen) [847943 784191]
kernel-headers-2.6.18-308.13.1.el5.i386 [1.3 MiB] Changelog by Alexander Gordeev (2012-07-26):
- [net] e1000e: Cleanup logic in e1000_check_for_serdes_link_82571 (Dean Nelson) [841370 771366]
- [net] e1000e: Correct link check logic for 82571 serdes (Dean Nelson) [841370 771366]
- [mm] NULL pointer dereference in __vm_enough_memory (Jerome Marchand) [840077 836244]
- [fs] dlm: fix slow rsb search in dir recovery (David Teigland) [838140 753244]
- [fs] autofs: propogate LOOKUP_DIRECTORY flag only for last comp (Ian Kent) [830264 814418]
- [fs] ext4: properly dirty split extent nodes (Eric Sandeen) [840946 839770]
- [scsi] don't offline devices with a reservation conflict (David Jeffery) [839196 835660]
- [fs] ext4: Fix overflow caused by missing cast in ext4_fallocate (Lukas Czerner) [837226 830351]
- [net] dl2k: Clean up rio_ioctl (Weiping Pan) [818822 818823] {CVE-2012-2313}
- [x86] sched: Avoid unnecessary overflow in sched_clock (Prarit Bhargava) [835450 834562]
- [net] tg3: Fix TSO handling (John Feeney) [833182 795672]
- [input] evdev: use after free from open/disconnect race (David Jeffery) [832448 822166]
kernel-headers-2.6.18-308.11.1.el5.i386 [1.3 MiB] Changelog by Alexander Gordeev (2012-06-15):
- [net] ixgbe: remove flow director stats (Andy Gospodarek) [832169 830226]
- [net] ixgbe: fix default return value for ixgbe_cache_ring_fdir (Andy Gospodarek) [832169 830226]
- [net] ixgbe: reverting setup redirection table for multiple packet buffers (Andy Gospodarek) [832169 830226]
kernel-headers-2.6.18-308.8.2.el5.i386 [1.3 MiB] Changelog by Alexander Gordeev (2012-05-29):
- [xen] x86_64: check address on trap handlers or guest callbacks (Paolo Bonzini) [813430 813431] {CVE-2012-0217}
- [xen] x86_64: Do not execute sysret with a non-canonical return address (Paolo Bonzini) [813430 813431] {CVE-2012-0217}
- [xen] x86: prevent hv boot on AMD CPUs with Erratum 121 (Laszlo Ersek) [824969 824970]
kernel-headers-2.6.18-308.8.1.el5.i386 [1.3 MiB] Changelog by Alexander Gordeev (2012-05-04):
- [net] sock: validate data_len before allocating skb in sock_alloc_send_pskb() (Jason Wang) [816290 816106] {CVE-2012-2136}
- [net] tg3: Fix VLAN tagging assignments (John Feeney) [817691 797011]
- [net] ixgbe: do not stop stripping VLAN tags in promiscuous mode (Andy Gospodarek) [809791 804800]
- [s390] zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (Hendrik Brueckner) [810123 808489]
- [x86] unwind information fix for the vsyscall DSO (Prarit Bhargava) [807930 805799]
kernel-headers-2.6.18-308.4.1.el5.i386 [1.3 MiB] Changelog by Alexander Gordeev (2012-03-28):
- [net] ipv6: fix skb double free in xfrm6_tunnel (Jiri Benc) [752305 743375] {CVE-2012-1583}
kernel-headers-2.6.18-308.1.1.el5.i386 [1.3 MiB] Changelog by Alexander Gordeev (2012-02-17):
- Revert: [scsi] qla2xxx: avoid SCSI host_lock dep in queuecommand (Chad Dupuis) [790907 782790]
- Revert: [scsi] qla2xxx: fix IO failure during chip reset (Chad Dupuis) [790907 782790]
- [net] tg3: Fix 4k tx and recovery code (John Feeney) [790910 782677]
- [net] bnx2x: make bnx2x_close static again (Michal Schmidt) [790912 782124]
- [net] bnx2x: add fan failure event handling (Michal Schmidt) [790912 782124]
- [usb] cdc-acm: make lock use interrupt safe (Bryn M. Reeves) [790778 789067]
- [kernel] sysctl: restrict write access to dmesg_restrict (Phillip Lougher) [749246 749247]
- [net] igb: reset PHY after recovering from PHY power down (Stefan Assmann) [786168 783043]
- [fs] prevent lock contention in shrink_dcache_sb via private list (Lachlan McIlroy) [789369 746122]
kernel-headers-2.6.18-308.el5.i386 [1.3 MiB] Changelog by Jarod Wilson (2012-01-27):
- [scsi] lpfc: Update lpfc version for 8.2.0.108.4p driver release (Rob Evers) [784073]
- [scsi] lpfc: Fix FCP EQ memory check init w/single int vector (Rob Evers) [784073]
kernel-headers-2.6.18-274.18.1.el5.i386 [1.3 MiB] Changelog by Phillip Lougher (2012-01-20):
- [misc] Move exit_robust_list to mm_release, null lists on cleanup (Laszlo Ersek) [771774 750283] {CVE-2012-0028}
- [block] disable SG_IO ioctls on virtio-blk devices (Paolo Bonzini) [773322 771592]
- [scsi] fix 32-on-64 block device ioctls (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
- [dm] do not forward ioctls from logical volumes to the underlying device (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
- [block] fail SCSI passthrough ioctls on partition devices (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
- [block] add and use scsi_blk_cmd_ioctl (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
- [fs] ext4: fix BUG_ON() in ext4_ext_insert_extent() (Lukas Czerner) [747943 747946] {CVE-2011-3638}
- [scsi] don't fail scans when host is in recovery (Rob Evers) [772162 657345]
- [fs] jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) [783477 783284] {CVE-2011-4086}
- [net] igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Jiri Pirko) [772868 772869] {CVE-2012-0207}
kernel-headers-2.6.18-274.17.1.el5.i386 [1.3 MiB] Changelog by Phillip Lougher (2012-01-04):
- Revert:  [block] add and use scsi_blk_cmd_ioctl (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
- Revert:  [block] fail SCSI passthrough ioctls on partition devices (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
- Revert:  [dm] do not forward ioctls from logical volumes to the underlying device (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
- Revert:  [scsi] fix 32-on-64 block device ioctls (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
kernel-headers-2.6.18-274.12.1.el5.i386 [1.3 MiB] Changelog by Phillip Lougher (2011-11-08):
- Revert: [virt] kvm: fix lost tick accounting for 32 bit kvm-clock (Rik van Riel) [747875 731599]
kernel-headers-2.6.18-274.7.1.el5.i386 [1.3 MiB] Changelog by Phillip Lougher (2011-10-17):
- Revert: [xen] passthrough: block VT-d MSI trap injection (Paolo Bonzini) [716301 716302] {CVE-2011-1898}
kernel-headers-2.6.18-274.3.1.el5.i386 [1.3 MiB] Changelog by Don Howard (2011-08-26):
- [xen] fix off-by-one shift in x86_64 __addr_ok (Laszlo Ersek) [728043 719850] {CVE-2011-2901}
kernel-headers-2.6.18-274.el5.i386 [1.3 MiB] Changelog by Jarod Wilson (2011-07-08):
- [xen] svm: fix invlpg emulator regression (Paolo Bonzini) [719894]
kernel-headers-2.6.18-238.19.1.el5.i386 [1.2 MiB] Changelog by Phillip Lougher (2011-07-10):
- Revert: [xen] hvm: svm support cleanups (Andrew Jones) [703715 702657] {CVE-2011-1780}
- Revert: [xen] hvm: secure svm_cr_access (Andrew Jones) [703715 702657] {CVE-2011-1780}
- Revert: [xen] let __get_instruction_length always read into own buffer (Paolo Bonzini) [719066 717742]
- Revert: [xen] remove unused argument to __get_instruction_length (Phillip Lougher) [719066 717742]
- Revert: [xen] prep __get_instruction_length_from_list for partial buffers (Paolo Bonzini) [719066 717742]
- Revert: [xen] disregard trailing bytes in an invalid page (Paolo Bonzini) [719066 717742]
kernel-headers-2.6.18-238.12.1.el5.i386 [1.1 MiB] Changelog by Phillip Lougher (2011-05-08):
- [x86_64] Ignore spurious IPIs left over from crash kernel (Myron Stowe) [699610 692921]
- [i386] Ignore spurious IPIs left over from crash kernel (Myron Stowe) [699610 692921]
- [xen] fix MAX_EVTCHNS definition (Laszlo Ersek) [701242 701240]
- [net] ixgbe: fix for link failure on SFP+ DA cables (Don Howard) [696181 653236]
- [net] netxen: limit skb frags for non tso packet (Phillip Lougher) [699609 672368]
- [block] cciss: fix lost command problem (Phillip Lougher) [696503 696153]
- [fs] gfs2: fix filesystem hang caused by incorrect lock order (Robert S Peterson) [688855 656032]
- [fs] gfs2: restructure reclaim of unlinked dinodes (Phillip Lougher) [688855 656032]
- [fs] gfs2: unlock on gfs2_trans_begin error (Robert S Peterson) [688855 656032]
- [scsi] mpt2sas: prevent heap overflows and unchecked access (Tomas Henzl) [694526 694527] {CVE-2011-1495 CVE-2011-1494}
- [net] bridge/netfilter: fix ebtables information leak (Don Howard) [681325 681326] {CVE-2011-1080}
- [net] bluetooth: fix sco information leak to userspace (Don Howard) [681310 681311] {CVE-2011-1078}
- [fs] fix corrupted GUID partition table kernel oops (Jerome Marchand) [695979 695980] {CVE-2011-1577}
- [xen] x86/domain: fix error checks in arch_set_info_guest (Laszlo Ersek) [688581 688582] {CVE-2011-1166}
- [net] bridge: fix initial packet flood if !STP (Jiri Pirko) [701222 695369]
- [fs] nfsd: fix auth_domain reference leak on nlm operations (J. Bruce Fields) [697448 589512]
- [scsi] qla2xxx: no reset/fw-dump on CT/ELS pt req timeout (Chad Dupuis) [689700 660386]
- [mm] set barrier and send tlb flush to all affected cpus (Prarit Bhargava) [696908 675793]
kernel-headers-2.6.18-238.9.1.el5.i386 [1.1 MiB] Changelog by Jiri Pirko (2011-03-18):
- [md] dm-mpath: fix NULL deref when path parameter missing (Mike Snitzer) [683443 673058]
- [md] dm-mpath: wait for pg_init completion on suspend (Mike Snitzer) [683443 673058]
- [md] dm-mpath: hold io until all pg_inits completed (Mike Snitzer) [683443 673058]
- [md] dm-mpath: skip activate_path for failed paths (Mike Snitzer) [683443 673058]
- [md] dm-mpath: pass struct pgpath to pg init done (Mike Snitzer) [683443 673058]
- [md] dm-mpath: prevent io from work queue while suspended (Mike Snitzer) [683443 673058]
- [md] dm-mpath: add mutex to sync adding and flushing work (Mike Snitzer) [683443 673058]
- [md] dm-mpath: flush workqueues before suspend completes (Mike Snitzer) [683443 673058]
kernel-headers-2.6.18-238.5.1.el5.i386 [1.1 MiB] Changelog by Jiri Pirko (2011-02-21):
- [x86_64] vdso: fix gtod via export of sysctl_vsyscall (Prarit Bhargava) [678613 673616]
kernel-headers-2.6.18-238.1.1.el5.i386 [1.1 MiB] Changelog by Jiri Pirko (2011-01-04):
- [scsi] megaraid: give FW more time to recover from reset (Tomas Henzl) [667141 665427]
- [fs] gfs2: fix statfs error after gfs2_grow (Robert S Peterson) [666792 660661]
- [mm] prevent file lock corruption using popen(3) (Larry Woodman) [667050 664931]
- [net] sctp: fix panic from bad socket lock on icmp error (Neil Horman) [665476 665477] {CVE-2010-4526}
kernel-headers-2.6.18-238.el5.i386 [1.1 MiB] Changelog by Jarod Wilson (2010-12-19):
- [net] bnx2: remove extra call to pci_map_page (John Feeney) [663509]
- [fs] nfs: set lock_context field in nfs_readpage_sync (Jeff Layton) [663853]
kernel-headers-2.6.18-194.32.1.el5.i386 [1.1 MiB] Changelog by Jiri Pirko (2010-12-20):
- [fs] nfs: set lock_context field in nfs_readpage_sync (Jeff Layton) [664416 663853]
kernel-headers-2.6.18-194.26.1.el5.i386 [1.1 MiB] Changelog by Jiri Pirko (2010-10-29):
- [net] mlx4: bump max log_mtts_per_seg memory reservation (Jay Fenlason) [643806 636198]
kernel-headers-2.6.18-194.17.4.el5.i386 [1.1 MiB] Changelog by Jiri Pirko (2010-10-20):
- [net] rds: fix local privilege escalation (Eugene Teo) [642897 642898] {CVE-2010-3904}
kernel-headers-2.6.18-194.17.1.el5.i386 [1.1 MiB] Changelog by Jiri Pirko (2010-09-20):
- Syncing following patch from branched build:
- [misc] make compat_alloc_user_space() incorporate the access_ok() (Don Howard) [634463 634464] {CVE-2010-3081}
kernel-headers-2.6.18-194.11.4.el5.i386 [1.1 MiB] Changelog by Don Howard (2010-09-17):
- [misc] make compat_alloc_user_space() incorporate the access_ok() (Don Howard) [634463 634464] {CVE-2010-3081}
kernel-headers-2.6.18-194.11.3.el5.i386 [1.1 MiB] Changelog by Jiri Pirko (2010-08-23):
- [mm] accept an abutting stack segment (Jiri Pirko) [607857 607858] {CVE-2010-2240}
kernel-headers-2.6.18-194.8.1.el5.i386 [1.1 MiB] Changelog by Jiri Pirko (2010-06-23):
- [net] cnic: fix bnx2x panic w/multiple interfaces enabled (Stanislaw Gruszka) [607087 602402]
kernel-headers-2.6.18-194.3.1.el5.i386 [1.0 MiB] Changelog by Jiri Pirko (2010-05-02):
- [net] bnx2: fix lost MSI-X problem on 5709 NICs (John Feeney) [587799 511368]
kernel-headers-2.6.18-194.el5.i386 [1.0 MiB] Changelog by Jarod Wilson (2010-03-16):
- [net] mlx4: pass attributes down to vlan interfaces (Doug Ledford) [573098]
- [block] cfq-iosched: fix sequential read perf regression (Jeff Moyer) [571818]
kernel-headers-2.6.18-164.15.1.el5.i386 [1020 KiB] Changelog by Jiri Pirko (2010-03-01):
- [net] sctp: backport cleanups for ootb handling V2 (Neil Horman) [555666 555667] {CVE-2010-0008}
- Reverting: [net] sctp: backport cleanups for ootb handling (Neil Horman) [555666 555667] {CVE-2010-0008}
kernel-headers-2.6.18-164.11.1.el5.i386 [1017 KiB] Changelog by Jiri Pirko (2010-01-06):
- [firewire] ohci: handle receive packets with zero data (Jay Fenlason) [547241 547242] {CVE-2009-4138}
- [x86] sanity check for AMD northbridges (Andrew Jones) [549905 547518]
- [x86_64] disable vsyscall in kvm guests (Glauber Costa) [550968 542612]
- [fs] ext3: replace lock_super with explicit resize lock (Eric Sandeen) [549908 525100]
- [fs] respect flag in do_coredump (Danny Feng) [544188 544189] {CVE-2009-4036}
- [gfs2] make O_APPEND behave as expected (Steven Whitehouse) [547521 544342]
- [fs] hfs: fix a potential buffer overflow (Amerigo Wang) [540740 540741] {CVE-2009-4020}
- [fuse] prevent fuse_put_request on invalid pointer (Danny Feng) [538736 538737] {CVE-2009-4021}
- [mm] call vfs_check_frozen after unlocking the spinlock (Amerigo Wang) [548370 541956]
- [infiniband] init neigh->dgid.raw on bonding events (Doug Ledford) [543448 538067]
- [scsi] gdth: prevent negative offsets in ioctl (Amerigo Wang) [539420 539421] {CVE-2009-3080}
- [fs] gfs2: fix glock ref count issues (Steven Whitehouse) [544978 539240]
- [net] call cond_resched in rt_run_flush (Amerigo Wang) [547530 517588]
- [scsi] megaraid: fix sas permissions in sysfs (Casey Dahlin) [537312 537313] {CVE-2009-3889 CVE-2009-3939}
- [ia64] kdump: restore registers in the stack on init (Takao Indoh ) [542582 515753]
- [x86] kvm: don't ask HV for tsc khz if not using kvmclock (Glauber Costa ) [537027 531268]
- [net] sched: fix panic in bnx2_poll_work (John Feeney ) [539686 526481]
- [x86_64] fix 32-bit process register leak (Amerigo Wang ) [526797 526798]
- [cpufreq] add option to avoid smi while calibrating (Matthew Garrett ) [537343 513649]
- [kvm] use upstream kvm_get_tsc_khz (Glauber Costa ) [540896 531025]
- [net] fix unbalance rtnl locking in rt_secret_reschedule (Neil Horman ) [549907 510067]
- [net] r8169: imporved rx length check errors (Neil Horman ) [552913 552438]
- [scsi] lpfc: fix FC ports offlined during target controller faults (Rob Evers ) [549906 516541]
- [net] emergency route cache flushing fixes (Thomas Graf ) [545662 545663] {CVE-2009-4272}
- [fs] fasync: split 'fasync_helper()' into separate add/remove functions (Danny Feng ) [548656 548657] {CVE-2009-4141}
- [scsi] qla2xxx: NPIV vport management pseudofiles are world writable (Tom Coughlan ) [537317 537318] {CVE-2009-3556}
kernel-headers-2.6.18-164.10.1.el5.i386 [1015 KiB] Changelog by Jiri Pirko (2009-12-30):
- [net] e1000, r9169: fix rx length check errors (Cong Wang ) [550914 550915]
- [net] e1000e: fix rx length check errors (Amerigo Wang ) [551222 551223]
- [net] ipv6: fix ipv6_hop_jumbo remote system crash (Amerigo Wang ) [548642 548643] {CVE-2007-4567}
kernel-headers-2.6.18-164.9.1.el5.i386 [1015 KiB] Changelog by Jiri Pirko (2009-12-09):
- [x86] fix stale data in shared_cpu_map cpumasks (Prarit Bhargava) [545583 541953]
kernel-headers-2.6.18-164.6.1.el5.i386 [1010 KiB] Changelog by Jiri Pirko (2009-10-27):
- [fs] fix pipe null pointer dereference (Jeff Moyer) [530938 530939] {CVE-2009-3547}
- [security] require root for mmap_min_addr (Eric Paris ) [518142 518143] {CVE-2009-2695}
- [net] lvs: adjust sync protocol handling for ipvsadm -2 (Neil Horman ) [528645 524129]
- [xen] allow booting with broken serial hardware (Chris Lalancette ) [524153 518338]
kernel-headers-2.6.18-164.2.1.el5.i386 [1009 KiB] Changelog by Jiri Pirko (2009-09-21):
- [x86_64] kvm: bound last_kvm to prevent backwards time (Glauber Costa ) [524527 524076]
- [x86] kvm: fix vsyscall going backwards (Glauber Costa ) [524527 524076]
- [misc] fix RNG to not use first generated random block (Neil Horman ) [523289 522860]
- [x86] kvm: mark kvmclock_init as cpuinit (Glauber Costa ) [524151 523450]
- [x86_64] kvm: allow kvmclock to be overwritten (Glauber Costa ) [524150 523447]
- [x86] kvmclock: fix bogus wallclock value (Glauber Costa ) [524152 519771]
- [scsi] scsi_dh_rdace: add more sun hardware (mchristi@redhat.com ) [523237 518496]
- [misc] cprng: fix cont test to be fips compliant (Neil Horman ) [523290 523259]
- [net] bridge: fix LRO crash with tun (Andy Gospodarek ) [522636 483646]
- Revert: [x86_64] fix gettimeoday TSC overflow issue - 1 (Don Zickus ) [489847 467942]
- Revert: [net] atalk/irda: memory leak to user in getname (Danny Feng ) [519309 519310] {CVE-2009-3001 CVE-2009-3002}
kernel-headers-2.6.18-164.el5.i386 [1006 KiB] Changelog by Don Zickus (2009-08-18):
- [misc] information leak in sigaltstack (Vitaly Mayatskikh ) [515396]
- [misc] execve: must clear current->clear_child_tid (Oleg Nesterov ) [515429]
- [net] igb: set lan id prior to configuring phy (Stefan Assmann ) [508870]
- [net] udp: socket NULL ptr dereference (Vitaly Mayatskikh ) [518043] {CVE-2009-2698}
kernel-headers-2.6.18-128.7.1.el5.i386 [935 KiB] Changelog by Jiri Pirko (2009-08-19):
- [net] prevent null pointer dereference in udp_sendmsg (Vitaly Mayatskikh) [518047 518043] {CVE-2009-2698}
kernel-headers-2.6.18-128.4.1.el5.i386 [935 KiB] Changelog by Don Howard (2009-07-23):
- [fs] ecryptfs: check tag 11 packet literal data buffer size (Eric Sandeen ) [512862 512863] {CVE-2009-2406}
- [fs] ecryptfs: check tag 3 packet encrypted key size (Eric Sandeen ) [512886 512887] {CVE-2009-2407}
- [misc] personality handling: fix PER_CLEAR_ON_SETID (Vitaly Mayatskikh ) [511173 508842] {CVE-2009-1895}
- [xen] HV: remove high latency spin_lock (Chris Lalancette ) [512311 459410]
kernel-headers-2.6.18-128.2.1.el5.i386 [920 KiB] Changelog by Jiri Pirko (2009-07-09):
- Revert: [mm] cow vs gup race fix (Andrea Arcangeli ) [486921 471613]
- Revert: [mm] fork vs gup race fix (Andrea Arcangeli ) [486921 471613]
- Revert: [mm] fix swap race condition in fork-gup-race patch (Andrea Arcangeli ) [507297 506684]
- Revert: [mm] prevent panic in copy_hugetlb_page_range (Larry Woodman ) [508030 507860]
kernel-headers-2.6.18-128.1.16.el5.i386 [919 KiB] Changelog by Jiri Pirko (2009-06-27):
- [mm] prevent panic in copy_hugetlb_page_range (Larry Woodman ) [508030 507860]
kernel-headers-2.6.18-128.1.14.el5.i386 [932 KiB] Changelog by Jiri Pirko (2009-06-01):
- [nfs] v4: client handling of MAY_EXEC in nfs_permission (Peter Staubach ) [500301 500302] {CVE-2009-1630}
- [fs] proc: avoid info leaks to non-privileged processes (Amerigo Wang ) [499546 499541]
- [net] tg3: Fix firmware event timeouts (Jiri Pirko ) [502837 481715]
- [scsi] libiscsi: fix nop response/reply and session cleanup race (Jiri Pirko ) [502916 497411]
- [fs] cifs: fix pointer and checks in cifs_follow_symlink (Jeff Layton ) [496576 496577] {CVE-2009-1633}
- [fs] cifs: fix error handling in parse_DFS_referrals (Jeff Layton ) [496576 496577] {CVE-2009-1633}
- [fs] cifs: buffer overruns when converting strings (Jeff Layton ) [496576 496577] {CVE-2009-1633}
- [fs] cifs: unicode alignment and buffer sizing problems (Jeff Layton ) [494279 494280] {CVE-2009-1439}
- [x86] xen: fix local denial of service (Chris Lalancette ) [500950 500951] {CVE-2009-1758}
- [misc] compile: add -fwrapv to gcc CFLAGS (Don Zickus ) [501751 491266]
- [misc] random: make get_random_int more random (Amerigo Wang ) [499783 499776]
- [gfs2] fix uninterruptible quotad sleeping (Steven Whitehouse ) [501742 492943]
- [mm] cow vs gup race fix (Andrea Arcangeli ) [486921 471613]
- [mm] fork vs gup race fix (Andrea Arcangeli ) [486921 471613]
- [nfs] fix hangs during heavy write workloads (Peter Staubach ) [486926 469848]
kernel-headers-2.6.18-128.1.10.el5.i386 [930 KiB] Changelog by Jiri Pirko (2009-04-29):
- [fs] fix softlockup in posix_locks_deadlock (Josef Bacik ) [496842 476659]
kernel-headers-2.6.18-128.el5.i386 [940 KiB] Changelog by Don Zickus (2008-12-17):
- [cifs] cifs_writepages may skip unwritten pages (Jeff Layton ) [470267]
kernel-headers-2.6.18-92.1.18.el5.i386 [850 KiB] Changelog by Jiri Pirko (2008-11-05):
- [xen] x86: allow the kernel to boot on pre-64 bit hw (Chris Lalancette ) [470040 468083]
kernel-headers-2.6.18-92.1.17.el5.i386 [863 KiB] Changelog by Jiri Pirko (2008-10-22):
- Revert: [nfs] pages of a memory mapped file get corrupted (Peter Staubach ) [450335 435291]
kernel-headers-2.6.18-92.1.13.el5.i386 [861 KiB] Changelog by Jiri Pirko (2008-09-04):
- [md] fix crashes in iterate_rdev (Doug Ledford ) [460128 455471]
- [sound] snd_seq_oss_synth_make_info info leak (Eugene Teo ) [458000 458001] {CVE-2008-3272}
- [ipmi] control BMC device ordering (peterm@redhat.com ) [459071 430157]
- [ia64] fix to check module_free parameter (Masami Hiramatsu ) [460639 457961]
-  [misc] NULL pointer dereference in kobject_get_path (Jiri Pirko ) [459776 455460]
- [xen] ia64: SMP-unsafe with XENMEM_add_to_physmap on HVM (Tetsu Yamamoto ) [459780 457137]
- [net] bridge: eliminate delay on carrier up (Herbert Xu ) [458783 453526]
- [fs] dio: lock refcount operations (Jeff Moyer ) [459082 455750]
- [misc]  serial: fix break handling for i82571 over LAN (Aristeu Rozanski ) [460509 440018]
- [fs] dio: use kzalloc to zero out struct dio (Jeff Moyer ) [461091 439918]
- [fs] lockd: nlmsvc_lookup_host called with f_sema held (Jeff Layton ) [459083 453094]
- [net] bnx2x: chip reset and port type fixes (Andy Gospodarek ) [441259 442026]
kernel-headers-2.6.18-92.1.10.el5.i386 [846 KiB] Changelog by Jiri Pirko (2008-07-24):
- [ia64] softlock: prevent endless warnings in kdump (Neil Horman ) [456117 453200]

Listing created by repoview