[Rdo-list] [package announce] Moderate: kernel security and enhancement update
Pádraig Brady
pbrady at redhat.com
Wed Oct 23 20:21:21 UTC 2013
RDO includes a custom Enterprise Linux 6.4 kernel.
These custom kernel packages include extra networking functionality
required to facilitate advanced OpenStack Networking deployments.
This update fixes 2 moderate security issues:
* A flaw was found in the way the Linux kernel's TCP/IP protocol suite
implementation handled IPv6 sockets that used the UDP_CORK option. A local,
unprivileged user could use this flaw to cause a denial of service.
https://www.redhat.com/security/data/cve/CVE-2013-4162.html
* An information leak flaw was found in the way Linux kernel's device
mapper subsystem, under certain conditions, interpreted data written to
snapshot block devices. An attacker could use this flaw to read data from
disk blocks in free space, which are normally inaccessible.
https://www.redhat.com/security/data/cve/CVE-2013-4299.html
Red Hat would like to thank Hannes Frederic Sowa for reporting
CVE-2013-4162; and Fujitsu for reporting CVE-2013-4299.
This update also adds the following enhancements:
* Support for Distributed Overlay Virtual Ethernet (DOVE).
https://bugzilla.redhat.com/1009025
* Support for Virtual Extensible LAN (VXLAN) as an OpenvSwitch (OVS) tunneling type.
https://bugzilla.redhat.com/1009006
All RDO Enterprise Linux users deploying the OpenStack Networking
service are advised to install these updated packages.
The packages containing the fixes are:
kernel-2.6.32-358.123.2.openstack.el6.src.rpm
python-perf-2.6.32-358.123.2.openstack.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.123.2.openstack.el6.x86_64.rpm
kernel-headers-2.6.32-358.123.2.openstack.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.123.2.openstack.el6.x86_64.rpm
kernel-devel-2.6.32-358.123.2.openstack.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.123.2.openstack.el6.x86_64.rpm
perf-2.6.32-358.123.2.openstack.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.123.2.openstack.el6.x86_64.rpm
kernel-2.6.32-358.123.2.openstack.el6.x86_64.rpm
kernel-firmware-2.6.32-358.123.2.openstack.el6.noarch.rpm
kernel-doc-2.6.32-358.123.2.openstack.el6.noarch.rpm
thanks,
Pádraig.
More information about the dev
mailing list