[CentOS-announce] CESA-2014:X003 Moderate Xen4CentOS kernel Security Update

Sat Jan 25 01:17:33 UTC 2014
Johnny Hughes <johnny at centos.org>

CentOS Errata and Security Advisory 2014:X003 (Xen4CentOS)

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

-----------------------------
X86_64
-----------------------------

885234e7bead8d78e914780e3264f74e4058c4d0211934da4a4d28e3e405f51d e1000e-2.5.4-3.10.27.2.el6.centos.alt.x86_64.rpm
7c41b049043145c401915d77d61221163c5dc6438bf061211bd587ddb2267a86 kernel-3.10.27-11.el6.centos.alt.x86_64.rpm
be3b2a9f0e50148b22072418b6c4b84bdc3a7c21ab48e8ca0e4d036565532e14 kernel-devel-3.10.27-11.el6.centos.alt.x86_64.rpm
0dda48c96293eb27d7e61247a0b5c4b62f02f50074237b1c1e57cbe77410655a kernel-doc-3.10.27-11.el6.centos.alt.noarch.rpm
9e9aa71ae2ff05491e78785a45e7ddaa8ea703416522bcebd9a47b10a4d71aee kernel-firmware-3.10.27-11.el6.centos.alt.noarch.rpm
b6417227b1d496436f7c7c990025f31027a9761289fb1372eec64da8d8531e24 kernel-headers-3.10.27-11.el6.centos.alt.x86_64.rpm
64e9fcc80b0adcb964817f44613dc38d3921c78b3ffa2d3141486b1f6b057562 perf-3.10.27-11.el6.centos.alt.x86_64.rpm


-----------------------------
Source:
-----------------------------

5ba6ace33dbebe60964af7d3351913f66d0a445f4c4c94250e00876f6778603f e1000e-2.5.4-3.10.27.2.el6.centos.alt.src.rpm
6b691e8914f2d1744082d8a1275630b1d0fae8468a18f04b9119413331e51db1 kernel-3.10.27-11.el6.centos.alt.src.rpm

=====================================================

Kernel Changelog info from the SPEC file:

* Fri Jan 24 2014 Johnny Hughes <johnny at centos.org> 3.10.27-11
- upgrade to upstream 3.10.27
- addresses CVE-2013-4579

e1000e Changelog info from the SPEC file:

* Fri Jan 24 2014 Johnny Hughes <johnny at centos.org> - 2.5.4-3.10.27.2.el6.centos.alt
- build against version 2.10.27 kernel

=====================================================

The following kernel changelogs are available from kernel.org since the previous kernel:

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.27
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.26

=====================================================

The following security issues are addressed in this update:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4579

=====================================================

NOTE: You must run /usr/bin/grub-bootxen.sh to update the file
      /boot/grub/grub.conf (or you must update that file manually)
      to boot the new kernel on a dom0 xen machine.  See for info:
      http://wiki.centos.org/HowTos/Xen/Xen4QuickStart
 
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net