Branch b1_6

b=13748
i=shadow
i=johann

Update RHEL4 kernel to fix the vulnerability described in CVE-2007-4573.

lustre/ChangeLog

@@ -2,7 +2,7 @@ tbd         Cluster File Systems, Inc. <info@clusterfs.com>
        * version 1.6.4
        * Support for kernels:
         2.6.5-7.286 (SLES 9),
-        2.6.9-55.0.6.EL (RHEL 4),
+        2.6.9-55.0.9.EL (RHEL 4),
         2.6.16.46-0.14 (SLES 10),
         2.6.18-8.1.14.el5 (RHEL 5),
         2.6.18.8 vanilla (kernel.org)
@@ -141,6 +141,13 @@ Details    : In filter_check_grant, for non_grant cache write, we should
 	     increase. In client, we should update cl_avail_grant only there is
 	     OBD_MD_FLGRANT in the reply.
 
+Severity   : critical
+Bugzilla   : 13748
+Description: Update RHEL 4 kernel to fix local root privilege escalation.
+Details    : Update to the latest RHEL 4 kernel to fix the vulnerability
+	     described in CVE-2007-4573.  This problem could allow untrusted
+	     local users to gain root access.
+
 --------------------------------------------------------------------------------
 
 2007-09-27         Cluster File Systems, Inc. <info@clusterfs.com>

lustre/kernel_patches/targets/2.6-rhel4.target.in

 lnxmaj="2.6.9"
-lnxrel="55.0.6.EL"
+lnxrel="55.0.9.EL"
 
 KERNEL=linux-${lnxmaj}-${lnxrel}.tar.bz2
 SERIES=2.6-rhel4.series

lustre/kernel_patches/which_patch

@@ -3,7 +3,7 @@ SERIES                VERSION                  COMMENT
 SUPPORTED KERNELS:
 2.6-suse              SLES9 before SP1         already in SLES9 SP1 kernel
 2.6-suse-newer        SLES9: 2.6.5-7.286       extra patches for SLES9 after SP1
-2.6-rhel4             RHEL4: 2.6.9-55.0.6.EL
+2.6-rhel4             RHEL4: 2.6.9-55.0.9.EL
 2.6-sles10            SLES10: 2.6.16.46-0.14
 2.6-rhel5.series      RHEL5: 2.6.18-8.1.14.el5
 2.6.18-vanilla.series kernel.org: 2.6.18.8