From c2c7cf577a686ecbf41a8527347917847c13cb3b Mon Sep 17 00:00:00 2001
From: yangsheng <yangsheng>
Date: Mon, 15 Oct 2007 05:33:16 +0000
Subject: [PATCH] Branch HEAD b=13748 i=shadow i=johann

Update RHEL4 kernel to fix vulnerability described in CVE-2007-4573.
---
 lustre/ChangeLog                                  | 9 ++++++++-
 lustre/kernel_patches/targets/2.6-rhel4.target.in | 2 +-
 lustre/kernel_patches/which_patch                 | 2 +-
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/lustre/ChangeLog b/lustre/ChangeLog
index 9370a6da66..4c7a52a3c9 100644
--- a/lustre/ChangeLog
+++ b/lustre/ChangeLog
@@ -1,7 +1,7 @@
        * version 1.8.0
        * Support for kernels:
         2.6.5-7.286 (SLES 9),
-        2.6.9-55.0.6.EL (RHEL 4),
+        2.6.9-55.0.9.EL (RHEL 4),
         2.6.16.46-0.14 (SLES 10),
         2.6.18-8.1.14.EL5 (RHEL 5).
         2.6.18.8 vanilla (kernel.org)
@@ -423,6 +423,13 @@ Details    : In filter_check_grant, for non_grant cache write, we should
              increase. In client, we should update cl_avail_grant only there
              is OBD_MD_FLGRANT in the reply.
 
+Severity   : critical
+Bugzilla   : 13748
+Description: Update RHEL 4 kernel to fix local root privilege escalation.
+Details    : Update to the latest RHEL 4 kernel to fix the vulnerability
+	     described in CVE-2007-4573.  This problem could allow untrusted
+	     local users to gain root access.
+
 --------------------------------------------------------------------------------
 
 2007-08-10         Cluster File Systems, Inc. <info@clusterfs.com>
diff --git a/lustre/kernel_patches/targets/2.6-rhel4.target.in b/lustre/kernel_patches/targets/2.6-rhel4.target.in
index 43e0021889..42ee0fea51 100644
--- a/lustre/kernel_patches/targets/2.6-rhel4.target.in
+++ b/lustre/kernel_patches/targets/2.6-rhel4.target.in
@@ -1,5 +1,5 @@
 lnxmaj="2.6.9"
-lnxrel="55.0.6.EL"
+lnxrel="55.0.9.EL"
 
 KERNEL=linux-${lnxmaj}-${lnxrel}.tar.bz2
 SERIES=2.6-rhel4.series
diff --git a/lustre/kernel_patches/which_patch b/lustre/kernel_patches/which_patch
index 73a5166474..3c9080c15f 100644
--- a/lustre/kernel_patches/which_patch
+++ b/lustre/kernel_patches/which_patch
@@ -3,7 +3,7 @@ SERIES                VERSION                  COMMENT
 SUPPORTED KERNELS:
 2.6-suse              SLES9 before SP1         already in SLES9 SP1 kernel
 2.6-suse-newer        SLES9: 2.6.5-7.286       extra patches for SLES9 after SP1
-2.6-rhel4             RHEL4: 2.6.9-55.0.6.EL
+2.6-rhel4             RHEL4: 2.6.9-55.0.9.EL
 2.6-sles10            SLES10: 2.6.16.46-0.14
 2.6-rhel5.series      RHEL5: 2.6.18-8.1.14.el5
 2.6.18-vanilla.series kernel.org: 2.6.18.8
-- 
GitLab