[CentOS-announce] CESA-2014:X005 Moderate Xen4CentOS kernel Security Update

Johnny Hughes johnny at centos.org
Wed Feb 12 05:03:32 UTC 2014 

CentOS Errata and Security Advisory 2014:X005 (Xen4CentOS)

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

-----------------------------
X86_64
-----------------------------

4d780927c1273021f707954531d4f8363f96001a09101ac3b828c02dcf640fc5 e1000e-2.5.4-3.10.29.2.el6.centos.alt.x86_64.rpm
8665f64a64ba10ff731077eb7a25a1eb282cf46739d9d18383d07da7131833aa kernel-3.10.29-11.el6.centos.alt.x86_64.rpm
e66b9c91d42024a4af3752d557a2e0c8fe4c7f2026f9b4a9eea0a500cfc0da4b kernel-devel-3.10.29-11.el6.centos.alt.x86_64.rpm
ce7481db6e7b8c1bca4a104c8bfcdfaa3e8e2334b7ae430c2246685f61ae2b81 kernel-doc-3.10.29-11.el6.centos.alt.noarch.rpm
f3308009ccd8565b5465b8215676c4267e1112abf726404f0553ffc058b3ea56 kernel-firmware-3.10.29-11.el6.centos.alt.noarch.rpm
c5d1a5429a03f2be7dd14865ef5bd8595e5d2691a4d00b4065cbbddddc0b6d6d kernel-headers-3.10.29-11.el6.centos.alt.x86_64.rpm
9dbd0fecce020f0a2b979500ec56ca2c134b6f7c9885133ce31a5fb811f5cd33 perf-3.10.29-11.el6.centos.alt.x86_64.rpm

-----------------------------
Source:
-----------------------------

daacfa96cd99b7d61e4c020b7c92e2039e8867b0cc0d2c0b8a7ecd9b0d251bcb e1000e-2.5.4-3.10.29.2.el6.centos.alt.src.rpm
447c3e834e97b7c4a4b872663a576eef0a984869f6e2fdb06334301f197c1dfe kernel-3.10.29-11.el6.centos.alt.src.rpm


=====================================================

Kernel Changelog info from the SPEC file:

* Tue Feb 11 2014 Johnny Hughes <johnny at centos.org> - 3.10.29-11
- upgrade to upstream 3.10.29
- addresses CVE-2014-0038 and CVE-2013-6885

e1000e Changelog info from the SPEC file:

* Tue Feb 11 2014 Johnny Hughes <johnny at centos.org> - 2.5.4-3.10.29.2.el6.centos.alt
- build against version 3.10.29 kernel

=====================================================

The following kernel changelogs are available from kernel.org since the previous kernel:

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.29
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.28

=====================================================

The following security issues are addressed in this update:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0038
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6885

=====================================================

NOTE: You must run /usr/bin/grub-bootxen.sh to update the file
      /boot/grub/grub.conf (or you must update that file manually)
      to boot the new kernel on a dom0 xen machine.  See for info:
      http://wiki.centos.org/HowTos/Xen/Xen4QuickStart
 
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net

More information about the CentOS-announce mailing list