From: yangsheng <yangsheng>
Date: Mon, 15 Oct 2007 05:33:16 +0000 (+0000)
Subject: Branch HEAD
X-Git-Tag: v1_7_0_51~623
X-Git-Url: https://git.whamcloud.com/?p=fs%2Flustre-release.git;a=commitdiff_plain;h=c2c7cf577a686ecbf41a8527347917847c13cb3b

Branch HEAD
b=13748
i=shadow
i=johann

Update RHEL4 kernel to fix vulnerability described in CVE-2007-4573.
---

diff --git a/lustre/ChangeLog b/lustre/ChangeLog
index 9370a6d..4c7a52a 100644
--- a/lustre/ChangeLog
+++ b/lustre/ChangeLog
@@ -1,7 +1,7 @@
        * version 1.8.0
        * Support for kernels:
         2.6.5-7.286 (SLES 9),
-        2.6.9-55.0.6.EL (RHEL 4),
+        2.6.9-55.0.9.EL (RHEL 4),
         2.6.16.46-0.14 (SLES 10),
         2.6.18-8.1.14.EL5 (RHEL 5).
         2.6.18.8 vanilla (kernel.org)
@@ -423,6 +423,13 @@ Details    : In filter_check_grant, for non_grant cache write, we should
              increase. In client, we should update cl_avail_grant only there
              is OBD_MD_FLGRANT in the reply.
 
+Severity   : critical
+Bugzilla   : 13748
+Description: Update RHEL 4 kernel to fix local root privilege escalation.
+Details    : Update to the latest RHEL 4 kernel to fix the vulnerability
+	     described in CVE-2007-4573.  This problem could allow untrusted
+	     local users to gain root access.
+
 --------------------------------------------------------------------------------
 
 2007-08-10         Cluster File Systems, Inc. <info@clusterfs.com>
diff --git a/lustre/kernel_patches/targets/2.6-rhel4.target.in b/lustre/kernel_patches/targets/2.6-rhel4.target.in
index 43e0021..42ee0fe 100644
--- a/lustre/kernel_patches/targets/2.6-rhel4.target.in
+++ b/lustre/kernel_patches/targets/2.6-rhel4.target.in
@@ -1,5 +1,5 @@
 lnxmaj="2.6.9"
-lnxrel="55.0.6.EL"
+lnxrel="55.0.9.EL"
 
 KERNEL=linux-${lnxmaj}-${lnxrel}.tar.bz2
 SERIES=2.6-rhel4.series
diff --git a/lustre/kernel_patches/which_patch b/lustre/kernel_patches/which_patch
index 73a5166..3c9080c 100644
--- a/lustre/kernel_patches/which_patch
+++ b/lustre/kernel_patches/which_patch
@@ -3,7 +3,7 @@ SERIES                VERSION                  COMMENT
 SUPPORTED KERNELS:
 2.6-suse              SLES9 before SP1         already in SLES9 SP1 kernel
 2.6-suse-newer        SLES9: 2.6.5-7.286       extra patches for SLES9 after SP1
-2.6-rhel4             RHEL4: 2.6.9-55.0.6.EL
+2.6-rhel4             RHEL4: 2.6.9-55.0.9.EL
 2.6-sles10            SLES10: 2.6.16.46-0.14
 2.6-rhel5.series      RHEL5: 2.6.18-8.1.14.el5
 2.6.18-vanilla.series kernel.org: 2.6.18.8