X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=kernel-2.6.spec;h=53fa2f3938dbfe068d416266559ddf5bd62d56dc;hb=df3e168a40be1339f6a47bb551c49edefb761b3f;hp=edd99ec448cff0812782b8528419b13b2007786f;hpb=cee8a8ed81bbe946608a7e5f3f77feb49a342655;p=linux-2.6.git diff --git a/kernel-2.6.spec b/kernel-2.6.spec index edd99ec44..53fa2f393 100644 --- a/kernel-2.6.spec +++ b/kernel-2.6.spec @@ -4,15 +4,21 @@ Vendor: PlanetLab Packager: PlanetLab Central Distribution: PlanetLab %{plrelease} -URL: %(echo %{url} | cut -d ' ' -f 2) +URL: %{SCMURL} %{!?pldistro:%global pldistro planetlab} %define name linux-2.6 %define module_version_varname sublevel -%define taglevel 3 +%define taglevel 16 %define sublevel 32 + +%if ("%{distro}" == "Fedora" && %{distrorelease} >= 12) || ("%{distro}" == "SL" && %{distrorelease} >= 6) || ("%{distro}" == "CentOS" && %{distrorelease} >= 6) +%define modern_distro 1 +%else +%define modern_distro 0 +%endif #### Planet-Lab #### Summary: The Linux kernel @@ -34,7 +40,7 @@ Summary: The Linux kernel %define rhel 1 %if %{rhel} -%define distro_build 71.7.1 +%define distro_build 71.24.1 #### Planet-Lab #### %define signmodules 0 #### Planet-Lab #### @@ -51,7 +57,7 @@ Summary: The Linux kernel # Don't stare at the awk too long, you'll go blind. %define fedora_cvs_origin 1462 %define fedora_cvs_revision() %2 -%global distro_build %(echo %{fedora_cvs_origin}.%{fedora_cvs_revision $Revision: 1.18.2.7 $} | awk -F . '{ OFS = "."; ORS = ""; print $3 - $1 ; i = 4 ; OFS = ""; while (i <= NF) { print ".", $i ; i++} }') +%global distro_build %(echo %{fedora_cvs_origin}.%{fedora_cvs_revision $Revision: 1.18.2.25 $} | awk -F . '{ OFS = "."; ORS = ""; print $3 - $1 ; i = 4 ; OFS = ""; while (i <= NF) { print ".", $i ; i++} }') %define distro_build %{fedora_build} %define signmodules 0 %endif @@ -111,7 +117,7 @@ Summary: The Linux kernel # kernel-kdump %define with_kdump %{?_without_kdump: 0} %{?!_without_kdump: 1} # kernel-debug -%define with_debug %{?_without_debug: 0} %{?!_without_debug: 1} +%define with_debug %{?_without_debug: 1} %{?!_without_debug: 0} # kernel-doc %define with_doc %{?_without_doc: 0} %{?!_without_doc: 1} # kernel-headers @@ -124,15 +130,17 @@ Summary: The Linux kernel %define with_perftool %{?_without_perftool: 0} %{?!_without_perftool: 1} # perf noarch subpkg %define with_perf %{?_without_perf: 0} %{?!_without_perf: 1} +#### Planet-Lab #### # kernel-debuginfo -%define with_debuginfo %{?_without_debuginfo: 0} %{?!_without_debuginfo: 1} +%define with_debuginfo %{?_without_debuginfo: 1} %{?!_without_debuginfo: 0} +#### Planet-Lab #### # kernel-bootwrapper (for creating zImages from kernel + initrd) %define with_bootwrapper %{?_without_bootwrapper: 0} %{?!_without_bootwrapper: 1} # Want to build a the vsdo directories installed %define with_vdso_install %{?_without_vdso_install: 0} %{?!_without_vdso_install: 1} #### Planet-Lab #### # Use dracut instead of mkinitrd for initrd image generation -%if "%{distro}" == "Fedora" && %{distrorelease} >= 12 +%if %{modern_distro} %define with_dracut %{?_without_dracut: 0} %{?!_without_dracut: 1} %else %define with_dracut %{?_without_dracut: 1} %{?!_without_dracut: 0} @@ -197,7 +205,7 @@ Summary: The Linux kernel %endif # The kernel tarball/base version -%define kversion 2.6.32-71.7.1.el6 +%define kversion 2.6.32-71.24.1.el6 %define make_target bzImage @@ -461,7 +469,7 @@ Summary: The Linux kernel # integration in the distro harder than needed. # #### Planet-Lab #### -%if "%{distro}" == "Fedora" && %{distrorelease} >= 12 +%if %{modern_distro} %define package_conflicts initscripts < 7.23, udev < 145-11, iptables < 1.3.2-1, ipw2200-firmware < 2.4, iwl4965-firmware < 228.57.2, selinux-policy-targeted < 1.25.3-14, squashfs-tools < 4.0, wireless-tools < 29-3 %else %define package_conflicts initscripts < 7.23, iptables < 1.3.2-1, ipw2200-firmware < 2.4, iwl4965-firmware < 228.57.2, selinux-policy-targeted < 1.25.3-14, squashfs-tools < 4.0, wireless-tools < 29-3 @@ -490,10 +498,10 @@ Summary: The Linux kernel # scripts use them. # #### Planet-Lab #### -%if "%{distro}" == "Fedora" && %{distrorelease} >= 12 -%define kernel_prereq fileutils, module-init-tools, initscripts >= 8.11.1-1, kernel-firmware >= %{rpmversion}-%{pkg_release}, grubby >= 7.0.4-1 +%if %{modern_distro} +%define kernel_prereq fileutils, module-init-tools, initscripts >= 8.11.1-1, grubby >= 7.0.4-1 %else -%define kernel_prereq fileutils, module-init-tools, initscripts >= 8.11.1-1, kernel-firmware >= %{rpmversion}-%{pkg_release} +%define kernel_prereq fileutils, module-init-tools, initscripts >= 8.11.1-1, %endif #### Planet-Lab #### @@ -501,10 +509,10 @@ Summary: The Linux kernel %define initrd_prereq dracut-kernel >= 002-18.git413bcf78 %else #### Planet-Lab #### -%if "%{distro}" == "Fedora" && %{distrorelease} >= 12 +%if %{modern_distro} %define initrd_prereq mkinitrd >= 6.0.61-1 %else -%define initrd_prereq mkinitrd >= 6.0.19-1 +%define initrd_prereq mkinitrd >= 5.1 %endif #### Planet-Lab #### %endif @@ -563,7 +571,9 @@ Obsoletes: kernel-smp BuildRequires: module-init-tools, patch >= 2.5.4, bash >= 2.03, sh-utils, tar BuildRequires: bzip2, findutils, gzip, m4, perl, make >= 3.78, diffutils, gawk BuildRequires: gcc >= 3.4.2, binutils >= 2.12, redhat-rpm-config -BuildRequires: net-tools, patchutils, rpm-build >= 4.8.0-7 +#### Planet-Lab #### +BuildRequires: net-tools, patchutils, rpm-build +#### Planet-Lab #### %if %{with_doc} BuildRequires: xmlto BuildRequires: asciidoc @@ -595,7 +605,7 @@ BuildConflicts: rhbuildsys(DiskFree) < 7Gb %define debuginfo_args --strict-build-id %endif -Source0: linux-2.6.32-71.7.1.el6.tar.bz2 +Source0: linux-2.6.32-71.24.1.el6.tar.bz2 Source1: Makefile.common @@ -654,9 +664,11 @@ Source78: config-x86_64-generic-rhel Source79: config-debug-rhel Source80: config-generic-rhel Source81: config-powerpc64 +Source82: config-s390x-debug +Source83: config-s390x-debug-rhel -Patch1: patch-2.6.32-71.7.1.el6-vs2.3.0.36.29.4.diff -Patch2: linux-2.6-220-delta-ptrace-fix01.patch +Patch1: patch-2.6.32-71.24.1.el6-vs2.3.0.36.29.6.diff +Patch2: linux-2.6-255-vserver-delta-cow-fix23.diff Patch3: linux-2.6-250-ipsets.patch Patch4: linux-2.6-510-ipod.patch Patch5: linux-2.6-521-packet-tagging.patch @@ -676,6 +688,7 @@ Patch18: linux-2.6-650-hangcheck-reboot.patch Patch19: linux-2.6-660-nmi-watchdog-default.patch Patch20: linux-2.6-680-htb-hysteresis-tso.patch +Patch10000: linux-2.6-10000-gcc-4.5.patch # empty final patch file to facilitate testing of kernel patches Patch999999: linux-kernel-test.patch @@ -950,9 +963,9 @@ cp %{SOURCE15} %{SOURCE1} %{SOURCE16} %{SOURCE17} %{SOURCE18} . make -f %{SOURCE20} VERSION=%{version} configs #### Planet-Lab #### -ApplyPatch patch-2.6.32-71.7.1.el6-vs2.3.0.36.29.4.diff -ApplyPatch linux-2.6-220-delta-ptrace-fix01.patch +ApplyPatch patch-2.6.32-71.24.1.el6-vs2.3.0.36.29.6.diff ApplyPatch linux-2.6-250-ipsets.patch +ApplyPatch linux-2.6-255-vserver-delta-cow-fix23.diff ApplyPatch linux-2.6-510-ipod.patch ApplyPatch linux-2.6-521-packet-tagging.patch ApplyPatch linux-2.6-522-iptables-connection-tagging.patch @@ -971,6 +984,7 @@ ApplyPatch linux-2.6-640-netlink-audit-hack.patch ApplyPatch linux-2.6-650-hangcheck-reboot.patch ApplyPatch linux-2.6-660-nmi-watchdog-default.patch ApplyPatch linux-2.6-680-htb-hysteresis-tso.patch +ApplyPatch linux-2.6-10000-gcc-4.5.patch #### Planet-Lab #### ApplyOptionalPatch linux-kernel-test.patch @@ -1546,9 +1560,13 @@ fi\ %if %{with_dracut}\ /sbin/new-kernel-pkg --package kernel%{?1:-%{1}} --mkinitrd --dracut --depmod --update %{KVERREL}%{?1:.%{1}} $NEWKERNARGS || exit $?\ %else\ +%if %{modern_distro}\ /sbin/new-kernel-pkg --package kernel%{?1:-%{1}} --mkinitrd --depmod --update %{KVERREL}%{?1:.%{1}} $NEWKERNARGS || exit $?\ +%else\ +/sbin/new-kernel-pkg --mkinitrd --depmod --install %{KVERREL}%{?1:.%{1}} || exit $?\ +%endif\ %endif}\ -%if "%{distro}" == "Fedora" && %{distrorelease} >= 12\ +%if %{modern_distro}\ /sbin/new-kernel-pkg --package kernel%{?1:-%{1}} --rpmposttrans %{KVERREL}%{?1:.%{1}} || exit $?\ if [ -x /sbin/weak-modules ]\ then\ @@ -1652,12 +1670,14 @@ fi /usr/include/* %endif +%if 0 %if %{with_firmware} %files firmware %defattr(-,root,root) /lib/firmware/* %doc linux-%{kversion}.%{_target_cpu}/firmware/WHENCE %endif +%endif %if %{with_bootwrapper} %files bootwrapper @@ -1721,6 +1741,7 @@ fi /etc/ld.so.conf.d/kernel-%{KVERREL}%{?2:.%{2}}.conf\ %endif\ /lib/modules/%{KVERREL}%{?2:.%{2}}/modules.*\ +/lib/firmware/*\ %if %{with_dracut}\ %ghost /boot/initramfs-%{KVERREL}%{?2:.%{2}}.img\ %else\ @@ -1765,6 +1786,174 @@ fi %endif %changelog +* Sat Apr 09 2011 S.Çağlar Onur - linux-2.6-32-16 +- bump to 2.6.32-71.24.1.el6, see https://rhn.redhat.com/errata/RHSA-2011-0421.html + +* Wed Mar 30 2011 S.Çağlar Onur - linux-2.6-32-15 +- refresh vs patch against latest upstream release (aka. vs2.3.0.36.29.4 --> vs2.3.0.36.29.6) + +* Sat Mar 26 2011 Frantisek Hrbata [2.6.32-71.24.1.el6] +- [fs] Revert "[fs] inotify: stop kernel memory leak on file creation failure" (Eric Paris) [656831 656832] {CVE-2010-4250} + +* Thu Mar 24 2011 Frantisek Hrbata [2.6.32-71.23.1.el6] +- [x86] Revert "[x86] mtrr: Assume SYS_CFG[Tom2ForceMemTypeWB] exists on all future AMD CPUs" (Frank Arnold) [683813 652208] + +* Wed Mar 23 2011 Frantisek Hrbata [2.6.32-71.22.1.el6] +- rebuild + +* Thu Mar 17 2011 Frantisek Hrbata [2.6.32-71.21.1.el6] +- [netdrv] ixgbe: limit VF access to network traffic (Frantisek Hrbata) [684129 678717] +- [netdrv] ixgbe: work around for DDP last buffer size (Frantisek Hrbata) [684129 678717] +- [net] gro: reset dev and skb_iff on skb reuse (Andy Gospodarek) [688311 681970] +- [x86] mtrr: Assume SYS_CFG[Tom2ForceMemTypeWB] exists on all future AMD CPUs (Frank Arnold) [683813 652208] +- [virt] virtio_net: Add schedule check to napi_enable call (Michael S. Tsirkin) [684268 676579] +- [s390x] mm: add devmem_is_allowed() for STRICT_DEVMEM checking (Hendrik Brueckner) [684267 647365] +- [powerpc] Don't use kernel stack with translation off (Steve Best) [684266 628951] +- [powerpc] Initialise paca->kstack before early_setup_secondary (Steve Best) [684266 628951] + +* Wed Mar 16 2011 S.Çağlar Onur - linux-2.6-32-14 +- Do not enable CONFIG_SYSFS_DEPRECATED* options for Scientific Linux + +* Mon Mar 14 2011 Frantisek Hrbata [2.6.32-71.20.1.el6] +- [dvb] kernel: av7110 negative array offset (Mauro Carvalho Chehab) [672403 672404] {CVE-2011-0521} +- [fs] sunrpc: Correct a misapplied patch (J. Bruce Fields) [678094 678146] {CVE-2011-0714} +- [netdrv] orinoco: fix TKIP countermeasure behaviour (Stanislaw Gruszka) [667908 667909] {CVE-2010-4648} +- [kernel] /proc/vmcore: speed up access to vmcore file (Neil Horman) [683442 672937] +- [netdrv] cnic: Fix big endian bug (Steve Best) [678484 676640] +- [scsi] fcoe: drop FCoE LOGO in FIP mode (Mike Christie) [683814 668114] +- [s390x] remove task_show_regs (Danny Feng) [677854 677855] {CVE-2011-0710} +- [ib] cm: Bump reference count on cm_id before invoking callback (Doug Ledford) [676190 676191] {CVE-2011-0695} +- [rdma] cm: Fix crash in request handlers (Doug Ledford) [676190 676191] {CVE-2011-0695} +- [net] bridge: Fix mglist corruption that leads to memory corruption (Herbert Xu) [678172 659421] {CVE-2011-0716} +- [netdrv] r8169: use RxFIFO overflow workaround and prevent RxFIFO induced infinite loops (Ivan Vecera) [680080 630810] +- [s390x] kernel: nohz vs cpu hotplug system hang (Hendrik Brueckner) [683815 668470] +- [netdrv] cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory (Doug Ledford) [633156 633157] {CVE-2010-3296} +- [configs] redhat: added CONFIG_SECURITY_DMESG_RESTRICT option (Frantisek Hrbata) [683822 653245] +- [kernel] restrict unprivileged access to kernel syslog (Frantisek Hrbata) [683822 653245] +- [fs] cifs: allow matching of tcp sessions in CifsNew state (Jeff Layton) [683812 629085] +- [fs] cifs: fix potential double put of TCP session reference (Jeff Layton) [683812 629085] +- [fs] cifs: prevent possible memory corruption in cifs_demultiplex_thread (Jeff Layton) [683812 629085] +- [fs] cifs: eliminate some more premature cifsd exits (Jeff Layton) [683812 629085] +- [fs] cifs: prevent cifsd from exiting prematurely (Jeff Layton) [683812 629085] +- [fs] CIFS: Make cifs_convert_address() take a const src pointer and a length (Jeff Layton) [683812 629085] +- [kdump] kexec: accelerate vmcore copies by marking oldmem in /proc/vmcore as cached (Neil Horman) [683445 641315] +- [virt] KVM: VMX: Disallow NMI while blocked by STI (Avi Kivity) [683783 616296] +- [virt] kvm: write protect memory after slot swap (Michael S. Tsirkin) [683781 647367] + +* Thu Mar 10 2011 S.Çağlar Onur - linux-2.6-32-13 +- bump to 2.6.32-71.18.2.el6, see https://rhn.redhat.com/errata/RHSA-2011-0329.html + +* Wed Mar 2 2011 Frantisek Hrbata [2.6.32-71.18.2.el6] +- [fs] sunrpc: Correct a misapplied patch (J. Bruce Fields) [678094 678146] + +* Fri Feb 25 2011 Frantisek Hrbata [2.6.32-71.19.1.el6] +- [crypto] sha-s390: Reset index after processing partial block (Herbert Xu) [678996 626515] +- [net] clear heap allocations for privileged ethtool actions (Jiri Pirko) [672434 672435] {CVE-2010-4655} +- [usb] iowarrior: don't trust report_size for buffer size (Don Zickus) [672421 672422] {CVE-2010-4656} +- [virt] virtio: console: Wake up outvq on host notifications (Amit Shah) [678558 643750] +- [fs] inotify: stop kernel memory leak on file creation failure (Eric Paris) [656831 656832] {CVE-2010-4250} +- [net] sctp: fix kernel panic resulting from mishandling of icmp dest unreachable msg (Neil Horman) [667028 667029] {CVE-2010-4526} +- [mm] install_special_mapping skips security_file_mmap check (Frantisek Hrbata) [662198 662199] {CVE-2010-4346} +- [kdump] vt-d: Handle previous faults after enabling fault handling (Takao Indoh) [678485 617137] +- [kdump] Enable the intr-remap fault handling after local apic setup (Takao Indoh) [678485 617137] +- [kdump] vt-d: Fix the vt-d fault handling irq migration in the x2apic mode (Takao Indoh) [678485 617137] +- [kdump] vt-d: Quirk for masking vtd spec errors to platform error handling logic (Takao Indoh) [678485 617137] +- [virt] virtio: console: Don't block entire guest if host doesn't read data (Amit Shah) [678562 643751] +- [virt] virtio: console: Prevent userspace from submitting NULL buffers (Amit Shah) [678559 635535] +- [virt] virtio: console: Fix poll blocking even though there is data to read (Amit Shah) [678561 634232] + +* Wed Feb 23 2011 S.Çağlar Onur - linux-2.6-32-12 +- bump to 2.6.32-71.18.1.el6, see https://rhn.redhat.com/errata/RHSA-2011-0283.html + +* Wed Feb 2 2011 Frantisek Hrbata [2.6.32-71.18.1.el6] +- [netdrv] ixgbe: make sure FCoE DDP user buffers are really released by the HW (Frantisek Hrbata) [674002 617193] +- [netdrv] ixgbe: invalidate FCoE DDP context when no error status is available (Frantisek Hrbata) [674002 617193] +- [netdrv] ixgbe: avoid doing FCoE DDP when adapter is DOWN or RESETTING (Frantisek Hrbata) [674002 617193] +- [fcoe] libfc: remove tgt_flags from fc_fcp_pkt struct (Mike Christie) [666797 633915] +- [fcoe] libfc: use rport timeout values for fcp recovery (Frantisek Hrbata) [666797 633915] +- [fcoe] libfc: incorrect scsi host byte codes returned to scsi-ml (Mike Christie) [666797 633915] +- [scsi] scsi_dh_alua: fix overflow in alua_rtpg port group id check (Mike Snitzer) [673978 670572] + +* Wed Feb 02 2011 S.Çağlar Onur - linux-2.6-32-11 +- older modutils do not support --package and --update option + +* Fri Jan 28 2011 Frantisek Hrbata [2.6.32-71.17.1.el6] +- [s390x] kdump: allow zfcpdump to mount and write to ext4 file systems (Amerigo Wang) [661667 628676] +- [scsi] qla2xxx: Properly set the return value in function qla2xxx_eh_abort (Chad Dupuis) [664398 635710] +- [scsi] qla2xxx: Drop srb reference before waiting for completion (Chad Dupuis) [664398 635710] +- [virt] KVM: VMX: Really clear cr0.ts when giving the guest ownership of the fpu (Avi Kivity) [658891 645898] +- [virt] KVM: SVM: Initialize fpu_active in init_vmcb() (Avi Kivity) [658891 645898] +- [virt] KVM: x86: Use unlazy_fpu() for host FPU (Avi Kivity) [658891 645898] +- [virt] KVM: Set cr0.et when the guest writes cr0 (Avi Kivity) [658891 645898] +- [virt] KVM: VMX: Give the guest ownership of cr0.ts when the fpu is active (Avi Kivity) [658891 645898] +- [virt] KVM: Lazify fpu activation and deactivation (Avi Kivity) [658891 645898] +- [virt] KVM: VMX: Allow the guest to own some cr0 bits (Avi Kivity) [658891 645898] +- [virt] KVM: Replace read accesses of vcpu->arch.cr0 by an accessor (Avi Kivity) [658891 645898] +- [virt] KVM: VMX: trace clts and lmsw instructions as cr accesses (Avi Kivity) [658891 645898] + +* Tue Jan 25 2011 S.Çağlar Onur - linux-2.6-32-10 +- disable debug and debuginfo packages for all flavors. Also incorporate kernel-firmware package's content into kernel RPM. + +* Mon Jan 24 2011 Frantisek Hrbata [2.6.32-71.16.1.el6] +- [net] ipsec: fragment locally generated tunnel-mode IPSec6 packets as needed (Herbert Xu) [670421 661113] +- [net] tcp: Increase TCP_MAXSEG socket option minimum to TCP_MIN_MSS (Frantisek Hrbata) [652510 652511] {CVE-2010-4165} +- [perf] perf_events: Fix perf_counter_mmap() hook in mprotect() (Oleg Nesterov) [651672 651673] {CVE-2010-4169} +- [md] dm mpath: revert "dm: Call blk_abort_queue on failed paths" (Mike Snitzer) [658854 636771] +- [x86] UV: Address interrupt/IO port operation conflict (George Beshers) [662921 659480] +- [mm] guard page for stacks that grow upwards (Johannes Weiner) [666796 630562] +- [scsi] enable state transistions from OFFLINE to RUNNING (Mike Christie) [660590 643237] +- [scsi] set queue limits no_cluster for stacked devices (Mike Snitzer) [662050 658293] +- [mm] Out-of-memory under memory cgroup can call both of oom-killer-for-memcg and oom-killer-for-page-fault (Larry Woodman) [661732 592879] +- [scsi] libfc: possible race could panic system due to NULL fsp->cmd (Mike Christie) [662049 638297] +- [kernel] exec: copy-and-paste the fixes into compat_do_execve() paths (Oleg Nesterov) [627811 625695] {CVE-2010-4243} +- [kernel] exec: make argv/envp memory visible to oom-killer (Oleg Nesterov) [627811 625695] {CVE-2010-4243} +- [virt] virtio: console: Send SIGIO in case of port unplug (Amit Shah) [652720 624628] +- [virt] virtio: console: Send SIGIO on new data arrival on ports (Amit Shah) [652720 624628] +- [virt] virtio: console: Send SIGIO to processes that request it for host events (Amit Shah) [652720 624628] +- [virt] virtio: console: Reference counting portdev structs is not needed (Amit Shah) [662721 628805] +- [virt] virtio: console: Add reference counting for port struct (Amit Shah) [662721 628805] +- [virt] virtio: console: Use cdev_alloc() instead of cdev_init() (Amit Shah) [662721 628805] +- [virt] virtio: console: Add a find_port_by_devt() function (Amit Shah) [662721 628805] +- [virt] virtio: console: Add a list of portdevs that are active (Amit Shah) [662721 628805] +- [virt] virtio: console: open: Use a common path for error handling (Amit Shah) [662721 628805] +- [virt] virtio: console: remove_port() should return void (Amit Shah) [662721 628805] +- [virt] virtio: console: Make write() return -ENODEV on hot-unplug (Amit Shah) [662721 628805] +- [virt] virtio: console: Make read() return -ENODEV on hot-unplug (Amit Shah) [662721 628805] +- [virt] virtio: console: Unblock poll on port hot-unplug (Amit Shah) [662721 628805] +- [virt] virtio: console: Un-block reads on chardev close (Amit Shah) [662721 628805] +- [virt] virtio: console: Check if portdev is valid in send_control_msg() (Amit Shah) [662721 628805] +- [virt] virtio: console: Remove control vq data only if using multiport support (Amit Shah) [662721 628805] +- [virt] virtio: console: Reset vdev before removing device (Amit Shah) [662721 628805] +- [fs] Fix nfsv4 client lock reclaim behaviour (Sachin Prabhu) [661730 638269] +- [scsi] scsi_dh_alua: Handle all states correctly (Mike Snitzer) [659610 636994] +- [kernel] execve: improve interactivity and respond to SIGKILL with large arguments (Dave Anderson) [661731 629178] +- [virt] xen: handle events as edge-triggered (Andrew Jones) [661737 550724] +- [virt] xen: use percpu interrupts for IPIs and VIRQs (Andrew Jones) [661737 550724] + +* Sun Jan 23 2011 Frantisek Hrbata [2.6.32-71.15.1.el6] +- [net] bonding: prevent oopsing on calling pskb_may_pull on shared skb (Andy Gospodarek) [671342 665110] + +* Wed Jan 12 2011 S.Çağlar Onur - linux-2.6-32-9 +- bump to kernel-2.6.32-71.14.1.el6, see https://rhn.redhat.com/errata/RHSA-2011-0007.html for details + +* Mon Jan 10 2011 S.Çağlar Onur - linux-2.6-32-8 +- Fix override: reassigning to symbol SYSFS_DEPRECATED_V2 build warning + +* Thu Jan 06 2011 S.Çağlar Onur - linux-2.6-32-7 +- Adjust mkinitrd requirement for CentOS 5 + +* Wed Jan 05 2011 S.Çağlar Onur - linux-2.6-32-6 +- Disable debuginfo packages for CentOS 5 + +* Wed Jan 5 2011 Frantisek Hrbata [2.6.32-71.14.1.el6] +- [kvm] x86: zero kvm_vcpu_events->interrupt.pad (Marcelo Tosatti) [665471 665409] {CVE-2010-4525} + +* Wed Dec 22 2010 S.Çağlar Onur - linux-2.6-32-5 +- Fix problems caused by gcc 4.5.1 on F14 + +* Fri Dec 17 2010 S.Çağlar Onur - linux-2.6-32-4 +- Fix build problems for Fedora 8 and 12 + * Thu Dec 16 2010 S.Çağlar Onur - linux-2.6-32-3 - Tweak vserver configs based on Daniel's suggestions - Add appropriate postinstall steps required by PL nodes @@ -1773,9 +1962,63 @@ fi * Fri Dec 10 2010 S.Çağlar Onur - linux-2.6-32-2 - Fix F14 build problems +* Thu Dec 9 2010 Frantisek Hrbata [2.6.32-71.13.1.el6] +- [scsi] lpfc: Fixed crashes for NULL pnode dereference (Rob Evers) [660589 635733] + * Wed Dec 08 2010 S.Çağlar Onur - linux-2.6-32-1 - Bump to latest RHEL6 kernel +* Wed Dec 8 2010 Frantisek Hrbata [2.6.32-71.12.1.el6] +- [netdrv] igb: only use vlan_gro_receive if vlans are registered (Stefan Assmann) [652804 660192] {CVE-2010-4263} +- [net] core: neighbour update Oops (Jiri Pirko) [660591 658518] +- [scsi] lpfc: Set heartbeat timer off by default (Rob Evers) [660244 655935] +- [scsi] lpfc: Fixed crashes for BUG_ONs hit in the lpfc_abort_handler (Rob Evers) [659611 645882] + +* Mon Dec 6 2010 Frantisek Hrbata [2.6.32-71.11.1.el6] +- [kernel] posix-cpu-timers: workaround to suppress the problems with mt exec (Oleg Nesterov) [656267 656268] {CVE-2010-4248} +- [fs] bio: take care not overflow page count when mapping/copying user data (Danny Feng) [652530 652531] {CVE-2010-4162} +- [net] can-bcm: fix minor heap overflow (Danny Feng) [651846 651847] {CVE-2010-3874} +- [net] filter: make sure filters dont read uninitialized memory (Jiri Pirko) [651704 651705] {CVE-2010-4158} +- [net] inet_diag: Make sure we actually run the same bytecode we audited (Jiri Pirko) [651268 651269] {CVE-2010-3880} +- [v4l] ivtvfb: prevent reading uninitialized stack memory (Mauro Carvalho Chehab) [648832 648833] {CVE-2010-4079} +- [drm] via/ioctl.c: prevent reading uninitialized stack memory (Dave Airlie) [648718 648719] {CVE-2010-4082} +- [char] nozomi: clear data before returning to userspace on TIOCGICOUNT (Mauro Carvalho Chehab) [648705 648706] {CVE-2010-4077} +- [serial] clean data before filling it on TIOCGICOUNT (Mauro Carvalho Chehab) [648702 648703] {CVE-2010-4075} +- [net] af_unix: limit unix_tot_inflight (Neil Horman) [656761 656762] {CVE-2010-4249} +- [block] check for proper length of iov entries in blk_rq_map_user_iov() (Danny Feng) [652958 652959] {CVE-2010-4163} +- [net] Limit sendto()/recvfrom()/iovec total length to INT_MAX (Jiri Pirko) [651894 651895] {CVE-2010-4160} +- [netdrv] mlx4: Add OFED-1.5.2 patch to increase log_mtts_per_seg (Jay Fenlason) [643815 637284] +- [kernel] kbuild: fix external module compiling (Aristeu Rozanski) [658879 655231] +- [net] bluetooth: Fix missing NULL check (Jarod Wilson) [655667 655668] {CVE-2010-4242} +- [kernel] ipc: initialize structure memory to zero for compat functions (Danny Feng) [648694 648695] {CVE-2010-4073} +- [kernel] shm: fix information leak to userland (Danny Feng) [648688 648689] {CVE-2010-4072} +- [md] dm: remove extra locking when changing device size (Mike Snitzer) [653900 644380] +- [block] read i_size with i_size_read() (Mike Snitzer) [653900 644380] +- [kbuild] don't sign out-of-tree modules (Aristeu Rozanski) [655122 653507] + +* Mon Nov 29 2010 Frantisek Hrbata [2.6.32-71.10.1.el6] +- [fs] xfs: prevent reading uninitialized stack memory (Dave Chinner) [630808 630809] {CVE-2010-3078} +- [net] fix rds_iovec page count overflow (Jiri Pirko) [647423 647424] {CVE-2010-3865} +- [scsi] Fix megaraid_sas driver SLAB memory leak detected with CONFIG_DEBUG_SLAB (Shyam Iyer) [649436 633836] +- [usb] serial/mos*: prevent reading uninitialized stack memory (Don Zickus) [648697 648698] {CVE-2010-4074} +- [kernel] ecryptfs_uid_hash() buffer overflow (Jerome Marchand) [626320 611388] {CVE-2010-2492} +- [sound] seq/oss - Fix double-free at error path of snd_seq_oss_open() (Jaroslav Kysela) [630554 630555] {CVE-2010-3080} +- [virt] virtio-net: init link state correctly (Jason Wang) [653340 646369] +- [netdrv] prevent reading uninitialized memory in hso driver (Thomas Graf) [633143 633144] {CVE-2010-3298} + +* Sun Nov 21 2010 Frantisek Hrbata [2.6.32-71.9.1.el6] +- [fs] Do not mix FMODE_ and O_ flags with break_lease() and may_open() (Harshula Jayasuriya) [648408 642677] +- [fs] aio: check for multiplication overflow in do_io_submit (Jeff Moyer) [629450 629451] {CVE-2010-3067} +- [net] fix info leak from kernel in ethtool operation (Neil Horman) [646727 646728] {CVE-2010-3861} +- [net] packet: fix information leak to userland (Jiri Pirko) [649899 649900] {CVE-2010-3876} +- [net] clean up info leak in act_police (Neil Horman) [636393 636394] {CVE-2010-3477} +- [kernel] sys_semctl: fix kernel stack leakage (Danny Feng) [648723 648724] {CVE-2010-4083} +- [sound] sound/pci/rme9652: prevent reading uninitialized stack memory (Stanislaw Gruszka) [648710 648715 648711 648716] {CVE-2010-4080 CVE-2010-4081} +- [mm] Prevent Out Of Memory when changing cpuset's mems on NUMA (Larry Woodman) [651996 597127] + +* Thu Oct 28 2010 Frantisek Hrbata [2.6.32-71.8.1.el6] +- [mm] remove false positive THP pmd_present BUG_ON (Andrea Arcangeli) [647391 646384] + * Wed Oct 27 2010 Frantisek Hrbata [2.6.32-71.7.1.el6] - [drm] ttm: fix regression introduced in dfb4a4250168008c5ac61e90ab2b86f074a83a6c (Dave Airlie) [646994 644896]