[CentOS-announce] CESA-2014:X011 Moderate kernel Xen4CentOS Security Update

Wed Oct 1 12:08:01 UTC 2014
Johnny Hughes <johnny at centos.org>

CentOS Errata and Security Advisory 2014:X011 (Xen4CentOS)

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

-----------------------------
X86_64
-----------------------------

0ca23e081ddc488aa22b357fd2ad46b26526424f4613f5af7254bcbdcbcf1474 e1000e-2.5.4-3.10.55.2.el6.centos.alt.x86_64.rpm
2699989af4721eaef6615cda9fc3eaa92335e8e9f07bd635f50d0aa69ab6e7bf kernel-3.10.55-11.el6.centos.alt.x86_64.rpm
7339e016f40eb353feee27ff95ab9636f18b0a27087248da5e7bccd5d76dc69c kernel-devel-3.10.55-11.el6.centos.alt.x86_64.rpm
88759f4fa62f62469864d4c4c634903fe8731fb3e4ad93b0091b8aaad47c8493 kernel-doc-3.10.55-11.el6.centos.alt.noarch.rpm
fc3fcb15f42a98e7c20fc0ed71deaf44f289cebc6b4c69f8f216aad5860ee3d4 kernel-firmware-3.10.55-11.el6.centos.alt.noarch.rpm
f3719c6d0cbf6b9d2c28667de1ed5e067317d4835877c486cb10231c41af5b8c kernel-headers-3.10.55-11.el6.centos.alt.x86_64.rpm
a5f0586ce5ac4c26904ea21a3e5ffe166ca2014dfde0fbf940cdd3aa5f3c1fd6 perf-3.10.55-11.el6.centos.alt.x86_64.rpm

-----------------------------
Source:
-----------------------------

c6441ca87bfca69505b42b82d126e3b51db25361895e15215658fe15765bff13 e1000e-2.5.4-3.10.55.2.el6.centos.alt.src.rpm
fe4226dea73a76754332118ff7bca149f2303f7421dd3908b5e0d906eccb0b38 kernel-3.10.55-11.el6.centos.alt.src.rpm

=====================================================

Kernel Changelog info from the SPEC file:

* Fri Sep 24 2014 Johnny Hughes <johnny at centos.org> - 3.10.55-11
- upgraded to upstream 3.10.55


e1000e Changelog info from the SPEC file:

* Fri Sep 26 2014 Johnny Hughes <johnny at centos.org> - 2.5.4-3.10.55.2.el6.centos.alt
- build against version 3.10.55 kernel


=====================================================

The following kernel changelogs are available from kernel.org since the previous kernel:

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.44
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.45
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.46
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.47
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.48
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.49
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.50
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.51
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.52
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.53
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.54
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.55

=====================================================

The following security issues are addressed in this update:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0181
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0206
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3534 *
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3601
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4014
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4171
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4508

* Applicable to s390 arch only, NA for x86_64

=====================================================

NOTE: You must run /usr/bin/grub-bootxen.sh to update the file
      /boot/grub/grub.conf (or you must update that file manually)
      to boot the new kernel on a dom0 xen machine.  See for info:
      http://wiki.centos.org/HowTos/Xen/Xen4QuickStart
 
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net