From ecf42906f86a6981ac6501960df5c846ab34dcb0 Mon Sep 17 00:00:00 2001
From: yangsheng
Date: Mon, 15 Oct 2007 05:27:11 +0000
Subject: [PATCH] Branch b1_6 b=13748 i=shadow i=johann Update RHEL4 kernel to fix the vulnerability described in CVE-2007-4573.
---
 lustre/ChangeLog | 9 ++++++++-
 lustre/kernel_patches/targets/2.6-rhel4.target.in | 2 +-
 lustre/kernel_patches/which_patch | 2 +-
 3 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/lustre/ChangeLog b/lustre/ChangeLog
index 8ac521e..c8c04a7 100644
--- a/lustre/ChangeLog
+++ b/lustre/ChangeLog
@@ -2,7 +2,7 @@ tbd Cluster File Systems, Inc.
 * version 1.6.4
 * Support for kernels:
 2.6.5-7.286 (SLES 9),
- 2.6.9-55.0.6.EL (RHEL 4),
+ 2.6.9-55.0.9.EL (RHEL 4),
 2.6.16.46-0.14 (SLES 10),
 2.6.18-8.1.14.el5 (RHEL 5),
 2.6.18.8 vanilla (kernel.org)
@@ -141,6 +141,13 @@ Details : In filter_check_grant, for non_grant cache write, we should increase. In client, we should update cl_avail_grant only there is OBD_MD_FLGRANT in the reply.
+Severity : critical
+Bugzilla : 13748
+Description: Update RHEL 4 kernel to fix local root privilege escalation.
+Details : Update to the latest RHEL 4 kernel to fix the vulnerability
+ described in CVE-2007-4573. This problem could allow untrusted
+ local users to gain root access.
+
 --------------------------------------------------------------------------------
 2007-09-27 Cluster File Systems, Inc.
diff --git a/lustre/kernel_patches/targets/2.6-rhel4.target.in b/lustre/kernel_patches/targets/2.6-rhel4.target.in
index 43e0021..42ee0fe 100644
--- a/lustre/kernel_patches/targets/2.6-rhel4.target.in
+++ b/lustre/kernel_patches/targets/2.6-rhel4.target.in
@@ -1,5 +1,5 @@
 lnxmaj="2.6.9"
-lnxrel="55.0.6.EL"
+lnxrel="55.0.9.EL"
 KERNEL=linux-${lnxmaj}-${lnxrel}.tar.bz2
 SERIES=2.6-rhel4.series
diff --git a/lustre/kernel_patches/which_patch b/lustre/kernel_patches/which_patch
index 73a5166..3c9080c 100644
--- a/lustre/kernel_patches/which_patch
+++ b/lustre/kernel_patches/which_patch
@@ -3,7 +3,7 @@ SERIES VERSION COMMENT
 SUPPORTED KERNELS:
 2.6-suse SLES9 before SP1 already in SLES9 SP1 kernel
 2.6-suse-newer SLES9: 2.6.5-7.286 extra patches for SLES9 after SP1
-2.6-rhel4 RHEL4: 2.6.9-55.0.6.EL
+2.6-rhel4 RHEL4: 2.6.9-55.0.9.EL
 2.6-sles10 SLES10: 2.6.16.46-0.14
 2.6-rhel5.series RHEL5: 2.6.18-8.1.14.el5
 2.6.18-vanilla.series kernel.org: 2.6.18.8
-- 
1.8.3.1