Oracle Linux Security Advisory ELSA-2012-2044


The following updated rpms for Oracle Linux 5 have been uploaded to the Unbreakable Linux Network:

i386:
kernel-uek-2.6.32-300.39.1.el5uek.i686.rpm
kernel-uek-debug-2.6.32-300.39.1.el5uek.i686.rpm
kernel-uek-debug-devel-2.6.32-300.39.1.el5uek.i686.rpm
kernel-uek-headers-2.6.32-300.39.1.el5uek.i686.rpm
kernel-uek-devel-2.6.32-300.39.1.el5uek.i686.rpm
kernel-uek-doc-2.6.32-300.39.1.el5uek.noarch.rpm
kernel-uek-firmware-2.6.32-300.39.1.el5uek.noarch.rpm
ofa-2.6.32-300.39.1.el5uek-1.5.1-4.0.58.i686.rpm
ofa-2.6.32-300.39.1.el5uekdebug-1.5.1-4.0.58.i686.rpm
mlnx_en-2.6.32-300.39.1.el5uek-1.5.7-2.i686.rpm
mlnx_en-2.6.32-300.39.1.el5uekdebug-1.5.7-2.i686.rpm

x86_64:
kernel-uek-firmware-2.6.32-300.39.1.el5uek.noarch.rpm
kernel-uek-doc-2.6.32-300.39.1.el5uek.noarch.rpm
kernel-uek-2.6.32-300.39.1.el5uek.x86_64.rpm
kernel-uek-headers-2.6.32-300.39.1.el5uek.x86_64.rpm
kernel-uek-devel-2.6.32-300.39.1.el5uek.x86_64.rpm
kernel-uek-debug-devel-2.6.32-300.39.1.el5uek.x86_64.rpm
kernel-uek-debug-2.6.32-300.39.1.el5uek.x86_64.rpm
ofa-2.6.32-300.39.1.el5uek-1.5.1-4.0.58.x86_64.rpm
ofa-2.6.32-300.39.1.el5uekdebug-1.5.1-4.0.58.x86_64.rpm
mlnx_en-2.6.32-300.39.1.el5uek-1.5.7-2.x86_64.rpm
mlnx_en-2.6.32-300.39.1.el5uekdebug-1.5.7-2.x86_64.rpm


SRPMS:
https://oss.oracle.com:443/ol5/SRPMS-updates/kernel-uek-2.6.32-300.39.1.el5uek.src.rpm
https://oss.oracle.com:443/ol5/SRPMS-updates/ofa-2.6.32-300.39.1.el5uek-1.5.1-4.0.58.src.rpm
https://oss.oracle.com:443/ol5/SRPMS-updates/mlnx_en-2.6.32-300.39.1.el5uek-1.5.7-2.src.rpm

Description of changes:

[2.6.32-300.39.1.el5uek]
- hugepages: fix use after free bug in "quota" handling [15842385] {CVE-2012-2133}
- mm: Hold a file reference in madvise_remove [15842884] {CVE-2012-3511}
- udf: Fortify loading of sparing table [15843730] {CVE-2012-3400}
- udf: Avoid run away loop when partition table length is corrupt [15843730] {CVE-2012-3400}