- Issued:
- 2004-09-02
- Updated:
- 2004-09-02
RHBA-2004:433 - Bug Fix Advisory
Synopsis
Updated kernel packages available for Red Hat Enterprise Linux 3 Update 3
Type/Severity
Bug Fix Advisory
Topic
Updated kernel packages are now available as part of ongoing support and
maintenance of Red Hat Enterprise Linux version 3. This is the third
regular update (Update 3).
Description
The Linux kernel handles the basic functions of the operating system.
This is the third regular kernel update to Red Hat Enterprise Linux 3.
New features introduced by this update include:
- a disk dump facility (for the x86 and Itanium architectures)
- no-execute (NX) page protection and the enabling of ExecShield,
which is used to minimize potential vulnerability to buffer
overflow exploits (for the x86, EM64T, and AMD64 architectures)
- support for dynamic addition of SCSI host adapters
- support for new IBM POWER5 systems
- support for new I/O devices
There were many bug fixes in various parts of the kernel. The ongoing
effort to resolve these problems has resulted in a marked improvement in
the reliability and scalability of Red Hat Enterprise Linux. Some key
areas affected by these fixes are disk and network drivers, USB and SATA
support, and the VM, NFS, SCSI, and auditing subsystems. There was also
a major overhaul of SAL/MCA handling for Itanium (now integrated with a
new "salinfo" daemon), as well as a significant upgrade to the autofs4
subsystem, which is now fully supported.
The following device drivers have been upgraded to new versions:
aacraid ---- 1.1.5-2339
aic79xx ---- 1.3.10-RH1
b44 -------- 0.93
cciss ------ 2.4.52.RH1
e100 ------- 2.3.43-k1
e1000 ------ 5.2.52-k3
emulex ----- 7.0.3 (new in Update 3)
fusion ----- 2.05.16
ipr -------- 1.0.4
ips -------- 7.00.15
lvm -------- 2.4.26
megaraid2 -- 2.10.6
qla2x00 ---- 2.10.6-RH1
qlogic ----- 7.00.03-RH1
sx8 -------- 0.8-24.1 (new in Update 3)
tg3 -------- 3.6RH
z90crypt --- 1.2.1
(Note that the kernel-unsupported package contains drivers and other
modules that are unsupported and therefore might contain security
problems that have not been addressed.)
All Red Hat Enterprise Linux 3 users are advised to upgrade their
kernels to the packages associated with their machine architectures
and configurations as listed in this erratum.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.
Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the
up2date client with an updated certificate. The latest version of
up2date is available from the Red Hat FTP site and may also be
downloaded directly from the RHN website:
Affected Products
- Red Hat Enterprise Linux Server 3 x86_64
- Red Hat Enterprise Linux Server 3 ia64
- Red Hat Enterprise Linux Server 3 i386
- Red Hat Enterprise Linux Workstation 3 x86_64
- Red Hat Enterprise Linux Workstation 3 ia64
- Red Hat Enterprise Linux Workstation 3 i386
- Red Hat Enterprise Linux Desktop 3 x86_64
- Red Hat Enterprise Linux Desktop 3 i386
- Red Hat Enterprise Linux for IBM z Systems 3 s390x
- Red Hat Enterprise Linux for IBM z Systems 3 s390
- Red Hat Enterprise Linux for Power, big endian 3 ppc
Fixes
- BZ - 84134 - NFS locks not released when client side application dies.
- BZ - 85851 - Cardreader problem and CONFIG_SCSI_MULTI_LUN in .config file
- BZ - 89593 - sym53c8xx hang during installer module load
- BZ - 97866 - [scsi] LTC3224 - trap while running 'echo "scsi dump 2" > /proc/scsi/scsi '
- BZ - 106392 - kernel option to allow for support of multiple LUNs at single SCSI
- BZ - 106874 - RHEL3 IPF U2: Support of Open Emulex driver
- BZ - 106887 - RHEL3 U3: support of open Emulex driver
- BZ - 107535 - Fix serial driver oops
- BZ - 108648 - No AGP support on Tyan 2885 K8W
- BZ - 110387 - ypbind can not find server with broadcast
- BZ - 110612 - System begins swapping when less than 2GB of memory is free causing memory to be underutilized
- BZ - 112426 - Dynamic adapter addition via "scsi add-single-device"
- BZ - 113636 - NFS: bad interaction between rsync and NFS
- BZ - 114778 - tight SCSI DMA pool due to incorrect resizing
- BZ - 114939 - kernel panic in scsi_resize_dma_pool due to memory leak
- BZ - 115345 - need to whitelist IBM ESS to be scanned beyond LUN 0 by SCSI subsystem
- BZ - 115427 - Massive workload combined with ESS flashcopy leading to I/O hang
- BZ - 116335 - kscand paniced in the page_referenced function
- BZ - 117218 - Entropy pool not updated (/dev/random blocks)
- BZ - 117816 - RFE: move to newer lvm package
- BZ - 118098 - LTC6800-kernel oops with huge_page_release
- BZ - 118152 - swap usage when there's still free (although cached) memory
- BZ - 118436 - USB serial port doesn't process CR/LF
- BZ - 118564 - [PATCH] RHEL3 cannot boot on 8-way Opteron systems
- BZ - 119526 - /proc/sys/kernel/random/entropy_avail goes to 0 and does not recover
- BZ - 119537 - ftruncate64 is broken in IA32 emulation layer
- BZ - 119725 - promiscuous mode flip-flop after network restart
- BZ - 119771 - scsi_request_fn() leaks request structures
- BZ - 120344 - (VM) mm_struct mem leak in copy_process() error path
- BZ - 121029 - "low memory" bug on Tiger4 with 32G
- BZ - 121059 - [PATCH] LTC7645-ipr driver should be using request_bufflen instead of bufflen in queuecommand
- BZ - 121339 - [PATCH] Support multiple IO port spaces (for multiple IO chassis)
- BZ - 121585 - LTC6742 Patch for compat futexes
- BZ - 121842 - [PATCH] LVM on PPC64: pvmove failed to move physical extent from one PV to another.
- BZ - 123028 - 32bit UID & GID's get mapped to 65534
- BZ - 123251 - LTC5420 ioctl TIOCGICOUNT not implemented in 32bit for 64bit kernel
- BZ - 123452 - user accounts with very large UIDs given UID for nfsnobody
- BZ - 123558 - bcm4401 won't come up
- BZ - 123656 - NX bit interferes with Java JRE 1.4.2
- BZ - 123793 - [PATCH] problem with ffs() on x86_64?
- BZ - 124219 - ttl of zero in broadcast frames
- BZ - 124453 - Request update of st.c driver
- BZ - 124600 - Unexpected error: VFS: Busy inodes after unmount. Self-destruct in 5 seconds.
- BZ - 124624 - mmap use causes kernel panic
- BZ - 125178 - LTC9119-Random page cache corruption when audit is enabled in rhel 3 kernels
- BZ - 125975 - ehci-hcd does not do proper bios handoff
- BZ - 125983 - AIO compatibility system calls not implemented
- BZ - 126065 - Dell PowerEdge 750 panic on mount root (sata)
- BZ - 126518 - Audit logs login audit records with invalid executable names
- BZ - 126657 - df wrong output terabyte
- BZ - 126703 - BUG() in __sync_one
- BZ - 127038 - Add audit support for semtimedop syscall
- BZ - 127063 - mlock() gets stuck in get_user_pages/follow_page
- BZ - 127068 - HP Network Storage Router NS E1200-160 needs FORCELUN
- BZ - 127240 - Swapping when there are plenty of cache available
- BZ - 127341 - general install flakiness
- BZ - 127440 - Unable to see my LUNs with new qla2300 driver (v.6.07.02-RH2-fo)
- BZ - 128164 - Kernel error: Filter target 0x203 not known or not supported in this context
- BZ - 128418 - df reports incorrectly on large nfs filesystems
- BZ - 128585 - kernel has problem initializing NUMA on a TYAN K8W
- BZ - 128993 - kernel panic from handle_IPI
- BZ - 129174 - There is a bug in the scsi_request_fn function in drivers/scsi_lib.c
- BZ - 129256 - error/warning messages on system console after successful test run
- BZ - 131029 - gart errors when using 2.4.21-15.0.3.EL.smp or -9.0.1 on AMD64 quad system
CVEs
(none)
References
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.