[ol7_UEKR4_archive] kernel-uek-devel-4.1.12-61.1.33.el7uek.x86_64

Name:	kernel-uek-devel
Version:	4.1.12
Release:	61.1.33.el7uek
Architecture:	x86_64
Group:	System Environment/Kernel
Size:	39790181
License:	GPLv2
RPM:	kernel-uek-devel-4.1.12-61.1.33.el7uek.x86_64.rpm
Source RPM:	kernel-uek-4.1.12-61.1.33.el7uek.src.rpm
Build Date:	Fri Mar 31 2017
Build Host:	x86-ol7-builder-02.us.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	Development package for building kernel modules to match the kernel
Description:	This package provides kernel headers and makefiles sufficient to build modules against the kernel package.

Changelog (Show File list) (Show related packages)

Thu Mar 30 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.33.el7uek]

- Revert "x86/mm: Expand the exception table logic to allow new handling options" (Brian Maly)  [Orabug: 25790387]  {CVE-2016-9644} 
- Revert "fix minor infoleak in get_user_ex()" (Brian Maly)  [Orabug: 25790387]  {CVE-2016-9644}

Wed Mar 29 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.32.el7uek]

- x86/mm: Expand the exception table logic to allow new handling options (Tony Luck)  [Orabug: 25790387]  {CVE-2016-9644}

Wed Mar 29 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.31.el7uek]
```
- rebuild bumping release
```

Thu Mar 23 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.30.el7uek]

- net: ping: check minimum size on ICMP header length (Kees Cook)  [Orabug: 25766898]  {CVE-2016-8399} {CVE-2016-8399} 
- sg_write()/bsg_write() is not fit to be called under KERNEL_DS (Al Viro)  [Orabug: 25765436]  {CVE-2016-10088} 
- scsi: sg: check length passed to SG_NEXT_CMD_LEN (peter chang)  [Orabug: 25751984]  {CVE-2017-7187}

Tue Mar 14 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.29.el7uek]

- tty: n_hdlc: get rid of racy n_hdlc.tbuf (Alexander Popov)  [Orabug: 25696677]  {CVE-2017-2636} 
- TTY: n_hdlc, fix lockdep false positive (Jiri Slaby)  [Orabug: 25696677]  {CVE-2017-2636} 
- If Slot Status indicates changes in both Data Link Layer Status and Presence Detect, prioritize the Link status change. (Jack Vogel)  [Orabug: 25353783]  
- PCI: pciehp: Leave power indicator on when enabling already-enabled slot (Ashok Raj)  [Orabug: 25353783]  
- firewire: net: guard against rx buffer overflows (Stefan Richter)  [Orabug: 25451520]  {CVE-2016-8633} 
- usbnet: cleanup after bind() in probe() (Oliver Neukum)  [Orabug: 25463898]  {CVE-2016-3951} 
- cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind (Bjørn Mork)  [Orabug: 25463898]  {CVE-2016-3951} 
- cdc_ncm: Add support for moving NDP to end of NCM frame (Enrico Mioso)  [Orabug: 25463898]  {CVE-2016-3951} 
- x86/mm/32: Enable full randomization on i386 and X86_32 (Hector Marco-Gisbert)  [Orabug: 25463918]  {CVE-2016-3672} 
- kvm: fix page struct leak in handle_vmon (Paolo Bonzini)  [Orabug: 25507133]  {CVE-2017-2596} 
- crypto: mcryptd - Check mcryptd algorithm compatibility (tim)  [Orabug: 25507153]  {CVE-2016-10147} 
- kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF) (Jim Mattson)  [Orabug: 25507188]  {CVE-2016-9588} 
- KVM: x86: drop error recovery in em_jmp_far and em_ret_far (Radim Krčmář)  [Orabug: 25507213]  {CVE-2016-9756} 
- tcp: take care of truncations done by sk_filter() (Eric Dumazet)  [Orabug: 25507226]  {CVE-2016-8645} 
- rose: limit sk_filter trim to payload (Willem de Bruijn)  [Orabug: 25507226]  {CVE-2016-8645} 
- tipc: check minimum bearer MTU (Michal Kubeček)  [Orabug: 25507239]  {CVE-2016-8632} {CVE-2016-8632} 
- fix minor infoleak in get_user_ex() (Al Viro)  [Orabug: 25507269]  {CVE-2016-9178} 
- scsi: arcmsr: Simplify user_len checking (Borislav Petkov)  [Orabug: 25507319]  {CVE-2016-7425} 
- scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer() (Dan Carpenter)  [Orabug: 25507319]  {CVE-2016-7425} 
- tmpfs: clear S_ISGID when setting posix ACLs (Gu Zheng)  [Orabug: 25507341]  {CVE-2016-7097} {CVE-2016-7097} 
- posix_acl: Clear SGID bit when setting file permissions (Jan Kara)  [Orabug: 25507341]  {CVE-2016-7097} {CVE-2016-7097} 
- ext2: convert to mbcache2 (Jan Kara)  [Orabug: 25512366]  {CVE-2015-8952} 
- ext4: convert to mbcache2 (Jan Kara)  [Orabug: 25512366]  {CVE-2015-8952} 
- mbcache2: reimplement mbcache (Jan Kara)  [Orabug: 25512366]  {CVE-2015-8952} 
- USB: digi_acceleport: do sanity checking for the number of ports (Oliver Neukum)  [Orabug: 25512466]  {CVE-2016-3140} 
- net/llc: avoid BUG_ON() in skb_orphan() (Eric Dumazet)  [Orabug: 25682419]  {CVE-2017-6345} 
- net/mlx4_core: Disallow creation of RAW QPs on a VF (Eli Cohen)  [Orabug: 25697847]  
- ipv4: keep skb->dst around in presence of IP options (Eric Dumazet)  [Orabug: 25698300]  {CVE-2017-5970} 
- perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race (Peter Zijlstra)  [Orabug: 25698751]  {CVE-2017-6001} 
- ip6_gre: fix ip6gre_err() invalid reads (Eric Dumazet)  [Orabug: 25699015]  {CVE-2017-5897} 
- mpt3sas: Don't spam logs if logging level is 0 (Johannes Thumshirn)  [Orabug: 25699035]  
- xen-netfront: cast grant table reference first to type int (Dongli Zhang)   
- xen-netfront: do not cast grant table reference to signed short (Dongli Zhang)

Thu Feb 23 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.28.el7uek]

- dccp: fix freeing skb too early for IPV6_RECVPKTINFO (Andrey Konovalov)  [Orabug: 25598257]  {CVE-2017-6074}

Fri Feb 03 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.27.el7uek]

- vfio/pci: Fix integer overflows, bitmask check (Vlad Tsyrklevich)  [Orabug: 25164094]  {CVE-2016-9083} {CVE-2016-9084} 
- Don't feed anything but regular iovec's to blk_rq_map_user_iov (Linus Torvalds)  [Orabug: 25231931]  {CVE-2016-9576} 
- kvm: x86: Check memopp before dereference (CVE-2016-8630) (Owen Hofmann)  [Orabug: 25417387]  {CVE-2016-8630} 
- crypto: algif_hash - Only export and import on sockets with data (Herbert Xu)  [Orabug: 25417799]  {CVE-2016-8646} 
- USB: usbfs: fix potential infoleak in devio (Kangjie Lu)  [Orabug: 25462755]  {CVE-2016-4482} 
- net: fix infoleak in llc (Kangjie Lu)  [Orabug: 25462799]  {CVE-2016-4485}

Fri Jan 27 2017 Chuck Anderson <chuck.anderson@oracle.com> [4.1.12-61.1.26.el7uek]

- xen-netback: fix extra_info handling in xenvif_tx_err() (Paul Durrant)  [Orabug: 25445336]  
- net: Documentation: Fix default value tcp_limit_output_bytes (Niklas Cassel)  [Orabug: 25458076]  
- tcp: double default TSQ output bytes limit (Wei Liu)  [Orabug: 25458076]  
- xenbus: fix deadlock on writes to /proc/xen/xenbus (David Vrabel)  [Orabug: 25430143]

Wed Jan 11 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.25.el7uek]

- KEYS: Fix short sprintf buffer in /proc/keys show function (David Howells)  [Orabug: 25306361]  {CVE-2016-7042} 
- nvme: Limit command retries (Keith Busch)  [Orabug: 25374751]  
- fs/proc/task_mmu.c: fix mm_access() mode parameter in pagemap_read() (Kenny Keslar)  [Orabug: 25374977]  
- tcp: fix use after free in tcp_xmit_retransmit_queue() (Eric Dumazet)  [Orabug: 25374364]  {CVE-2016-6828} 
- tunnels: Don't apply GRO to multiple layers of encapsulation. (Jesse Gross)  [Orabug: 25036352]  {CVE-2016-8666} 
- i40e: Don't notify client(s) for DCB changes on all VSIs (Neerav Parikh)  [Orabug: 25046290]  
- packet: fix race condition in packet_set_ring (Philip Pettersson)  [Orabug: 25231617]  {CVE-2016-8655} 
- netlink: Fix dump skb leak/double free (Herbert Xu)  [Orabug: 25231692]  {CVE-2016-9806} 
- ALSA: pcm : Call kill_fasync() in stream lock (Takashi Iwai)  [Orabug: 25231720]  {CVE-2016-9794} 
- net: avoid signed overflows for SO_{SND|RCV}BUFFORCE (Eric Dumazet)  [Orabug: 25231751]  {CVE-2016-9793}

Wed Jan 04 2017 Chuck Anderson <chuck.anderson@oracle.com> [4.1.12-61.1.24.el7uek]
```
- rebuild bumping release
```