First published: Thu Aug 10 2006(Updated: )
New features introduced in this update include:<br><li> Device Mapper mirroring support </li> <li> IDE diskdump support </li> <li> x86, AMD64 and Intel EM64T: Multi-core scheduler support enhancements </li> <li> Itanium: perfmon support for Montecito </li> <li> much improved support for IBM x460 </li> <li> AMD PowerNow! patches to support Opteron Rev G </li> <li> Vmalloc support > 64MB </li> The following device drivers have been upgraded to new versions:<br>ipmi: 33.11 to 33.13<br>ib_mthca: 0.06 to 0.08<br>bnx2: 1.4.30 to 1.4.38<br>bonding: 2.6.1 to 2.6.3<br>e100: 3.4.8-k2-NAPI to 3.5.10-k2-NAPI<br>e1000: 6.1.16-k3-NAPI to 7.0.33-k2-NAPI<br>sky2: 0.13 to 1.1<br>tg3: 3.43-rh to 3.52-rh<br>ipw2100: 1.1.0 to git-1.1.4<br>ipw2200: 1.0.0 to git-1.0.10<br>3w-9xxx: 2.26.02.001 to 2.26.04.010<br>ips: 7.10.18 to 7.12.02<br>iscsi_sfnet: 4:0.1.11-2 to 4:0.1.11-3<br>lpfc: 0:8.0.16.18 to 0:8.0.16.27<br>megaraid_sas: 00.00.02.00 to 00.00.02.03-RH1<br>qla2xxx: 8.01.02-d4 to 8.01.04-d7<br>qla6312: 8.01.02-d4 to 8.01.04-d7<br>sata_promise: 1.03 to 1.04<br>sata_vsc: 1.1 to 1.2<br>ibmvscsic: 1.5.5 to 1.5.6<br>ipr: 2.0.11.1 to 2.0.11.2<br>Added drivers:<br>dcdbas: 5.6.0-2<br>sata_mv: 0.6<br>sata_qstor: 0.05<br>sata_uli: 0.5<br>skge: 1.1<br>stex: 2.9.0.13<br>pdc_adma: 0.03<br>This update includes fixes for the security issues:<br><li> a flaw in the USB devio handling of device removal that allowed a </li> local user to cause a denial of service (crash) (CVE-2005-3055,<br>moderate)<br><li> a flaw in the ACL handling of nfsd that allowed a remote user to </li> bypass ACLs for readonly mounted NFS file systems (CVE-2005-3623,<br>moderate)<br><li> a flaw in the netfilter handling that allowed a local user with </li> CAP_NET_ADMIN rights to cause a buffer overflow (CVE-2006-0038, low)<br><li> a flaw in the IBM S/390 and IBM zSeries strnlen_user() function that </li> allowed a local user to cause a denial of service (crash) or to retrieve<br>random kernel data (CVE-2006-0456, important)<br><li> a flaw in the keyctl functions that allowed a local user to cause a </li> denial of service (crash) or to read sensitive kernel memory<br>(CVE-2006-0457, important)<br><li> a flaw in unaligned accesses handling on Itanium processors that </li> allowed a local user to cause a denial of service (crash)<br>(CVE-2006-0742, important)<br><li> a flaw in SELinux ptrace logic that allowed a local user with ptrace </li> permissions to change the tracer SID to a SID of another process<br>(CVE-2006-1052, moderate)<br><li> an info leak on AMD-based x86 and x86_64 systems that allowed a local </li> user to retrieve the floating point exception state of a process run by a<br>different user (CVE-2006-1056, important)<br><li> a flaw in IPv4 packet output handling that allowed a remote user to </li> bypass the zero IP ID countermeasure on systems with a disabled firewall<br>(CVE-2006-1242, low)<br><li> a minor info leak in socket option handling in the network code </li> (CVE-2006-1343, low)<br><li> a flaw in the HB-ACK chunk handling of SCTP that allowed a remote user to </li> cause a denial of service (crash) (CVE-2006-1857, moderate)<br><li> a flaw in the SCTP implementation that allowed a remote user to cause a </li> denial of service (deadlock) (CVE-2006-2275, moderate)<br><li> a flaw in the socket buffer handling that allowed a remote user to cause </li> a denial of service (panic) (CVE-2006-2446, important)<br><li> a flaw in the signal handling access checking on PowerPC that allowed a </li> local user to cause a denial of service (crash) or read arbitrary kernel<br>memory on 64-bit systems (CVE-2006-2448, important)<br><li> a flaw in the netfilter SCTP module when receiving a chunkless packet </li> that allowed a remote user to cause a denial of service (crash)<br>(CVE-2006-2934, important)<br>There were several bug fixes in various parts of the kernel. The ongoing<br>effort to resolve these problems has resulted in a marked improvement<br>in the reliability and scalability of Red Hat Enterprise Linux 4.
Affected Software | Affected Version | How to fix |
---|
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.