Red Hat ENTERPRISE LINUX 5.5 - S 2010 Manual Download Page 247 | Manualshive

Page: 247 / 470

background image

selinux-policy

237

1.187. selinux-policy

1.187.1. RHBA-2009:1495: bug fix update

Note

This update has already been released (prior to the GA of this release) as errata

RHBA-2009:1495

1896

Updated selinux-policy packages that fix a bug are now available.

The selinux-policy packages contain the rules that govern how confined processes run on the system.

These updated packages fix the following bug:

* the cyrus-imapd daemon is compiled with net-snmp support and it attempts to register its snmp sub-
agent during startup. This was not allowed by previous SELinux policy. These updated packages
include updated policy that allows cyrus-imapd to register its snmp sub-agent during startup, as
expected. (

BZ#523548

1897

)

All users are advised to upgrade to these updated packages, which resolves these issue.

1.187.2. RHBA-2010:0013: bug fix update

Note

This update has already been released (prior to the GA of this release) as errata

RHBA-2010:0013

1898

Updated selinux-policy packages that fix several bugs are now available.

The selinux-policy packages contain the rules that govern how confined processes run on the system.

These updated selinux-policy packages provide fixes for the following bugs:

* the "setkey" utility from the ipsec-tools package manipulates and dumps the kernel's Security Policy
Database (SPD) entries and Security Association Database (SAD) entries. The current selinux-policy
did not allow users running under the "sysadm" role to use setkey. This update allows users running
under the sysadm SELinux role to use the setkey utility from the ipsec-tools package. (

BZ#538449

1899

)

* using the Openswan implementation of IPsec could have resulted in AVC (Access Vector Cache)
denials causing the integrity check to fail, which in turn would cause the pluto key management
daemon not to start. This update includes updated policy rules for IPsec which fix the AVC denials
so that pluto is allowed to run as expected. Note that this is necessary for FIPS-140 compliance.
(

BZ#538452

1900

)

1897

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=523548

1899

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=538449

1900

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=538452

«
...
245
246
247
248
249
...
»

Summary of Contents for ENTERPRISE LINUX 5.5 - S 2010

Page 1: ...Red Hat Enterprise Linux 5 5 Technical Notes Detailed notes on the changes implemented in Red Hat Enterprise Linux 5 5 ...

Page 2: ... by applicable law Red Hat Red Hat Enterprise Linux the Shadowman logo JBoss MetaMatrix Fedora the Infinity Logo and RHCE are trademarks of Red Hat Inc registered in the United States and other countries Linux is the registered trademark of Linus Torvalds in the United States and other countries Java is a registered trademark of Oracle and or its affiliates XFS is a trademark of Silicon Graphics I...

Page 3: ...n 20 1 20 cmirror 25 1 21 cmirror kmod 26 1 22 conga 26 1 23 coolkey 28 1 24 coreutils 29 1 25 cpio 30 1 26 cpuspeed 30 1 27 crash 31 1 28 ctdb 32 1 29 cups 33 1 30 curl 36 1 31 cyrus imapd 37 1 32 cyrus sasl 37 1 33 dbus 38 1 34 dbus python 39 1 35 device mapper 39 1 36 device mapper multipath 40 1 37 dhcp 42 1 38 dhcpv6 44 1 39 dmidecode 45 1 40 dmraid 46 1 41 dogtail 47 1 42 dosfstools 48 1 43 ...

Page 4: ...71 hwdata 77 1 72 ia32el 78 1 73 iasl 79 1 74 inn 80 1 75 iproute 80 1 76 iprutils 81 1 77 iptables 81 1 78 iptstate 82 1 79 ipw2200 firmware 82 1 80 iscsi initiator utils 82 1 81 iwl3945 firmware 84 1 82 iwl4965 firmware 84 1 83 iwl5000 firmware 85 1 84 java 1 6 0 ibm 85 1 85 java 1 6 0 openjdk 86 1 86 java 1 6 0 sun 87 1 87 kdelibs 88 1 88 kernel 89 1 89 kexec tools 128 1 90 krb5 131 1 91 ksh 13...

Page 5: ...tacity 167 1 122 microcode_ctl 169 1 123 mkinitrd 170 1 124 module init tools 172 1 125 mtx 172 1 126 mysql 173 1 127 nautilus open terminal 175 1 128 neon 175 1 129 net snmp 176 1 130 net tools 178 1 131 NetworkManager 179 1 132 newt 180 1 133 nfs utils 181 1 134 nspluginwrapper 182 1 135 nss_ldap 182 1 136 numactl 184 1 137 openCryptoki 185 1 138 openais 186 1 139 OpenIPMI 188 1 140 openib 189 1...

Page 6: ... 173 redhat release 222 1 174 redhat release notes 222 1 175 rgmanager 223 1 176 rhn client tools 226 1 177 rhnlib 227 1 178 rhnsd 228 1 179 rhpxl 228 1 180 rsyslog 229 1 181 ruby 230 1 182 samba 230 1 183 samba3x 233 1 184 sblim 234 1 185 screen 235 1 186 scsi target utils 236 1 187 selinux policy 237 1 188 sendmail 242 1 189 shadow utils 243 1 190 sosreport 244 1 191 squid 248 1 192 squirrelmail...

Page 7: ...11 drv mga 280 1 226 xorg x11 drv nv 281 1 227 xorg x11 drv qxl 281 1 228 xorg x11 drv vesa 283 1 229 xorg x11 server 283 1 230 xorg x11 xdm 285 1 231 xterm 285 1 232 yaboot 286 1 233 yp tools 286 1 234 yum 287 1 235 yum rhn plugin 288 2 New Packages 289 2 1 RHEA 2010 0305 freeradius2 289 2 2 RHEA 2010 0240 gpxe 289 2 3 RHEA 2010 0199 gsl 290 2 4 RHEA 2010 0217 iwl1000 firmware 290 2 5 RHEA 2010 0...

Page 8: ...5 kexec tools 317 5 16 krb5 318 5 17 kvm 318 5 18 less 322 5 19 libcmpiutil 322 5 20 libvirt 322 5 21 lvm2 322 5 22 mesa 323 5 23 mkinitrd 323 5 24 openib 323 5 25 openmpi 324 5 26 qspice 324 5 27 systemtap 324 5 28 virtio win 325 5 29 xorg x11 drv i810 325 5 30 xorg x11 drv nv 326 5 31 xorg x11 drv vesa 326 5 32 yaboot 327 5 33 xen 327 A Package Manifest 329 A 1 Added Packages 329 A 2 Dropped Pac...

Page 9: ...l Notes provide a single organized record of the bugs fixed in features added to and Technology Previews included with this new release of Red Hat Enterprise Linux For auditors and compliance officers the Red Hat Enterprise Linux 5 5 Technical Notes provide a single organized source for change tracking and compliance testing For every user the Red Hat Enterprise Linux 5 5 Technical Notes provide d...

Page 10: ...x ...

Page 11: ...lag works as expected and symbolic links are silently skipped over BZ 436070 4 the setfacl command failed to resolve relative symbolic links when it encountered them unless they were specified with a trailing forward slash character in the case of relative symbolic links to directories or the script or shell prompt s working directory was the directory which contained the relative symbolic link s ...

Page 12: ...rpmdb thus resolving the problem BZ 548374 8 All users of acpid are advised to upgrade to this updated package which resolves this issue 1 2 2 RHSA 2009 1642 Important security update Important This update has already been released prior to the GA of this release as the security errata RHSA 2009 1642 9 An updated acpid package that fixes one security issue is now available for Red Hat Enterprise L...

Page 13: ...r written to var log messages Note although based on a proposed upstream patch this update leaves secure memory enabled unlike the proposed upstream change BZ 530485 12 the FILES section of the aide man page previously listed the locations for aide conf aide db gz and aide db new gz with a pre pended prefix variable The updated aide man page removes this variable listing the file locations as comp...

Page 14: ...elled OEMDRV as driver discs and automatically applies any driver updates contained on them BZ 485060 16 previously if anaconda required network access early in an installation for example to retrieve a kickstart file or driver disk image it temporarily saved information about the network configuration while it enabled access to the network However if anaconda required network access again for a s...

Page 15: ...as a driver disc and searches it for a driver update However anaconda previously failed to examine dev nodes and therefore it would not recognize this label on USB storage devices mounted as a partitionless block devices Anaconda now examines dev nodes for the label OEMDRV and treats them the same as partitions with this label It is therefore possible to use a partitionless device as a driver disc...

Page 16: ...h boot option and therefore represents multipath devices correctly BZ 538129 30 Dell PowerEdge servers equipped with the SAS6i R integrated RAID controller use BIOS Enhanced Disk Drive Services EDD to identify the storage device from which to boot the operating system Previously anaconda did not parse EDD to identify the correct boot device Consequently with a RAID 0 and RAID 1 configured on the s...

Page 17: ...y it was not possible to configure hypervisor parameters during a kickstart installation As a result users needed to specify hypervisor parameters manually after installation negating the usefulness of kickstart as as a mechanism for unattended installations Now anaconda recognizes a new kickstart option hvargs and sets Hypervisor parameters accordingly BZ 501438 38 previouisly during a kickstart ...

Page 18: ... required xorg x11 qxl drv supports the qemu QXL video accelerator when installing Red Hat Enterprise Linux 5 as a guest operating system xorg x11 ast drv supports ASPEED Technologies video hardware BZ 567666 48 1 5 apr util 1 5 1 RHEA 2010 0310 enhancement update Updated apr util packages that add support for MySQL are now available apr util is a utility library used with the Apache Portable Runt...

Page 19: ... updated package which fixes this bug and adds these enhancements 1 7 audit 1 7 1 RHBA 2010 0228 bug fix update An updated audit package that fixes various bugs and provides an enhancement is now available The audit package contains the user space utilities for storing and searching the audit records generate by the audit subsystem in the Linux 2 6 kernel This update includes the following fixes T...

Page 20: ...u use them and unmounts them when they are not busy This updated package fixes the following two autofs bugs autofs was incorrectly using a non thread safe libxml2 function as though it was thread safe This sometimes resulted in autofs crashing With this update the calls to xmlCleanupParser and xmlInitParser have been moved these functions are now only called as autofs starts and exits ensuring th...

Page 21: ...inutes when attempting to mount from a server that was not available A new mount_wait parameter has been added to prevent this block This update requires SELinux policy 255 or later BZ 517349 65 The autofs parser objected to locations containing the characters and Lustre and sshfs mounts causing the mount request to fail This update allows autofs to parse these characters and mount successfully BZ...

Page 22: ...pdate to install if cyrus sasl is also installed BZ 559430 75 All autofs users should upgrade to this updated package which resolves these issues 1 9 automake 1 9 1 RHSA 2010 0321 Low security update Updated automake automake14 automake15 automake16 and automake17 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 The Red Hat Security Response Team has rated this...

Page 23: ... Konquerer even if they were not acting as file servers This update still includes a static SSH SFTP service but it now ships as a deactivated example service ie is not published by default The static SSH FTP service can be activated manually but systems running Avahi no longer appear in file manager LAN listings by default BZ 219143 78 previously running the Avahi init scripts with a status argum...

Page 24: ...olve these issues After installing the update the BIND daemon named will be restarted automatically 1 11 2 RHSA 2009 1620 Moderate security update Important This update has already been released prior to the GA of this release as the security errata RHSA 2009 1620 83 Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5 This update has been rated as hav...

Page 25: ...and was not parsing files correctly When used with a multi digit NUM argument such as strings 10 filename txt an invalid integer argument error would occur because it regarded each numeral as a separate argument The parsing has now been corrected via a patch to strings c multidigit_input so that multi digit numerals are regarded as parts of a single argument As a result files are now parsed correc...

Page 26: ...md 1 14 1 RHBA 2010 0057 bug fix update Note This update has already been released prior to the GA of this release as FASTRACK errata RHBA 2010 0057 92 An updated bootparamd package that fixes a bug is now available Bootparamd is a server process that provides information to diskless clients necessary for booting consulting the etc bootparams file for required information When bootparamd is used f...

Page 27: ...anually after installation Red Hat Enterprise Linux now includes a new option for the bootloader command in kickstart hvargs which sets hypervisor parameters in grub conf during installation It is now possible to automate this part of the installation process Refer to the Red Hat Enterprise Linux 5 Installation Guide for a description of the hvargs option BZ 552957 95 Users of booty are advised to...

Page 28: ... BZ 529163 101 although brltty contains ELF objects the brltty debuginfo package was empty With this update the debuginfo package contains valid debugging information as expected BZ 500545 102 the MAX_NR_CONSOLES definition was acquired by brltty by including linux tty h in Programs api_client c MAX_NR_CONSOLES has since moved to linux vt h but the include in api_client c was not updated Consequen...

Page 29: ...ives utility and provide various man page corrections are now available The basic system utility chkconfig updates and queries runlevel information for system services These updated chkconfig packages provide fixes for the following bugs when the alternatives utility was run and an error occurred no contextual information such as the line number of the error was provided With this update upon an e...

Page 30: ...transition state In some circumstances this could lead to cman killing the wrong nodes With this update cman now checks the first_trans flag which is set when a node first encounters another node in the cluster Only if first_trans is set does cman now consider the node as joining the cluster BZ 518061 114 Also this update includes the following enhancement First if a node was asked to remove a key...

Page 31: ... have the value cycle which uses the ipmi power cycle command Example of usage fencedevices fencedevice agent fence_ipmilan_new ipaddr 1 2 3 4 login root name ipmifd1 passwd password method cycle Users are advised to upgrade to these updated cman packages which resolve this issue 1 19 3 RHBA 2009 1598 bug fix update Note This update has already been released prior to the GA of this release as erra...

Page 32: ...ilable The Cluster Manager cman utility provides user level services for managing a Linux cluster This update fixes the following bugs qdiskd erroneously writes the message qdiskd read system call has hung for X seconds BZ 537157 Crash in fence_ipmilan when M switch was not present on the command line BZ 537157 Users are advised to upgrade to these updated cman packages which resolve these issues ...

Page 33: ... fencing_snmp failed on all operations traceback fix BZ 528916 143 accept unknown options from standard input BZ 532920 144 125 https bugzilla redhat com bugzilla show_bug cgi id 508722 126 https bugzilla redhat com bugzilla show_bug cgi id 545054 127 https bugzilla redhat com bugzilla show_bug cgi id 532922 128 https bugzilla redhat com bugzilla show_bug cgi id 549124 129 https bugzilla redhat co...

Page 34: ...cycle in fence ipmi BZ 482913 162 add option list devices for fencing agents BZ 519697 163 add support for switching IPv4 IPv6 BZ 520458 164 145 https bugzilla redhat com bugzilla show_bug cgi id 532916 146 https bugzilla redhat com bugzilla show_bug cgi id 507514 147 https bugzilla redhat com bugzilla show_bug cgi id 526806 148 https bugzilla redhat com bugzilla show_bug cgi id 546340 149 https b...

Page 35: ... This update addresses the following issues the cmirror init script was reporting false errors in some stop instances BZ 520915 177 the cluster log daemon was unable to recover if the cluster was shutdown and restarted without also restarting the cluster log daemon BZ 518665 178 communication structure used between nodes was not in a mixed architecture or upgrade friendly format BZ 488102 179 165 ...

Page 36: ...85 Updated conga packages that fix a regression introduced between Red Hat Enterprise Linux 5 3 and Red Hat Enterprise Linux 5 4 are now available The Conga project is a management system for remote workstations It consists of luci a secure web based front end and ricci a secure daemon that dispatches incoming messages to the underlying management modules This update applies the following bug fix ...

Page 37: ...d Hat Enterprise Linux 5 4 the virsh nodeinfo command returned no information and luci did not provide an Add a virtual machine service option to Services in the Cluster tab for clusters that were expected to offer such services With this update ricci now runs a virsh nodeinfo readonly command in line with the changed behavior and luci provides options to add Virtual Machine services as expected B...

Page 38: ...unction was called and the CKF_OS_LOCKING flag was set This issue is related to the fix for BZ 245529 201200 With this update the PKCS 11 module successfully initializes BZ 443127 202 the Red Hat Enterprise Security Client ESC incorrectly identified CAC cards as CoolKey cards and mistakenly opened the Phone Home dialog after doing so With this update CoolKey correctly identifies CAC cards and assi...

Page 39: ...he regression specifying a device now works for regular users as it did previously Note running df l to list all devices was not affected by this bug it worked as expected previously and continues to do so subsequent to this update BZ 528641 207 All coreutils users should upgrade to this updated package which addresses this regression 1 24 2 RHBA 2010 0120 bug fix update Note This update has alrea...

Page 40: ...aw was found in the way cpio expanded archive files If a user were tricked into expanding a specially crafted archive it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio CVE 2010 0624 211 Red Hat would like to thank Jakob Lell for responsibly reporting the CVE 2010 0624 212 issue A denial of service flaw was found in the way cpio expan...

Page 41: ... and kdump packages from Red Hat Linux the mcore kernel patch offered by Mission Critical Linux or the LKCD kernel patch if a kdump NMI was issued and the task kernel stack was changed the backtrace would in some cases fail and produce an error bt cannot transition from exception stack to current process stack The crash package was updated to report task inconsistencies and change the active task ...

Page 42: ...d beyond a file offset of 4GB resulted in errors Changes were made to the xc_core_verify initialization code and dump now works as expected BZ 561767 The crash utility was rebased See the changelog linked to in the references section below for full details BZ 528184 225 All users of crash are advised to upgrade to these updated packages which resolve these issues 1 28 ctdb 1 28 1 RHEA 2010 0320 en...

Page 43: ...s update cupsd no longer leaks memory when adding or modifying large numbers of printer queues and the associated out of memory errors and crashes no longer occur BZ 552213 228 All cups users should upgrade to these updated packages which resolves this issue 1 29 2 RHSA 2010 0129 Moderate security update Important This update has already been released prior to the GA of this release as the securit...

Page 44: ...nter leading to a denial of service cupsd crash CVE 2009 3553 232 Several cross site scripting XSS flaws were found in the way the CUPS web server interface processed HTML form content If a remote attacker could trick a local user who is logged into the CUPS web interface into visiting a specially crafted HTML page the attacker could retrieve and potentially modify confidential CUPS administration...

Page 45: ...e is needed by cups but there was no package dependency on it BZ 487495 241 there was a memory leak in the scheduler s handling of file device URIs BZ 496008 242 setting quota limits using the lpadmin command did not work correctly BZ 496082 243 there were several issues with CGI handling in the scheduler causing custom CGI scripts not to work as expected BZ 497632 244 BZ 506316 245 the dependenci...

Page 46: ...ted applications using libcurl that rely on the documented data size limit and that copy the data to the insufficiently sized buffer CVE 2010 0734 251 This update also fixes the following bugs when using curl to upload a file if the connection was broken or reset by the server during the transfer curl immediately started using 100 CPU and failed to acknowledge that the transfer had failed With thi...

Page 47: ...ate has been rated as having important security impact by the Red Hat Security Response Team The cyrus imapd packages contain a high performance mail server with IMAP POP3 NNTP and Sieve support Multiple buffer overflow flaws were found in the Cyrus IMAP Sieve implementation An authenticated user able to create Sieve mail filtering rules could use these flaws to execute arbitrary code with the pri...

Page 48: ...en rated as having moderate security impact by the Red Hat Security Response Team D Bus is a system for sending messages between applications It is used for the system wide message bus service and as a per user login session messaging facility It was discovered that the Red Hat Security Advisory RHSA 2009 0008 did not correctly fix the denial of service flaw in the system for sending messages betw...

Page 49: ...ted dbus python packages that fix an issue with the puplet package updater are now available for Red hat Enterprise Linux 5 The dbus python package provides a Python binding to the D Bus system message bus This updated dbus python package fixes the following bug the puplet icon in the GNOME Notification Area displays notifications when updated packages are available However due to an error in the ...

Page 50: ...s to manage multipath devices by giving the device mapper multipath kernel module instructions on what to do as well as by managing the creation and removal of partitions for device mapper devices This update addresses the following bugs the udev rules for device mapper multipath were causing device mapper to occasionally create multipath devices without using the user specified uid gid or mode Th...

Page 51: ...ted to the host it may end up with the same LUN ID and name as the old LUN In this case multipath will assume that this is the old LUN and belongs to the existing multipath device This cause cause corruption A new path checker hp_tur has been added that verifies the WWID of the LUN when it checks the path to avoid this problem BZ 437585 275 The tur path checker was marking paths in standby mode as...

Page 52: ...293 BZ 545882 294 The kpartx utility now supports DASDs devices with more then 65520 cylinders BZ 524009 295 All users are advised to upgrade to these updated packages which resolve these issues and add these enhancements 1 37 dhcp 1 37 1 RHBA 2010 0042 bug fix update Note This update has already been released prior to the GA of this release as errata RHBA 2010 0042 296 281 https bugzilla redhat c...

Page 53: ...ease The system would spend so much time running the dhclient script every time it made a request that it would become almost unresponsive A patch has been added to the code setting the minimum lease time to 60 seconds By preventing very short lease times the server no longer becomes unresponsive from an overload of renewal requests BZ 498658 298 When the localClockFudge variable was empty the sbi...

Page 54: ...fter reconnection In these updated packages a new IPv6 address is assigned to an interface after disconnecting and reconnecting BZ 466251 302 DHCPv6 request packets created by the DHCPv6 client did not contain the IA sub field which should contain the address advertised by the server Consequently the DHCPv6 client might have encountered issues trying to interact with other DHCPv6 servers With this...

Page 55: ... 5xxx and 7xxx series processors BZ 520123 306 Users of dmidecode are advised to upgrade to this updated package which includes this enhanced support 1 39 2 RHEA 2010 0303 enhancement update An updated dmidecode package that provides enhancements is now available The dmidecode package provides utilities for extracting x86 and Intel Itanium hardware information from the system BIOS or EFI depending...

Page 56: ...rary the light would not remain lit as expected The dmraid packages have been updated to turn off the light correctly after a manual disk rebuild and the drive light now correctly indicates the drive state BZ 514497 309 dmraid binaries in the sbin directory previously relied on libraries in the usr directory Since the sbin directory typically only contains programs executed by the root user relian...

Page 57: ...SPI Browser sniff Script Recorder creates Python scripts based on user actions and AT SPI Browser is a graphical browser of the desktop elements hierarchy exposed by Dogtail This updated dogtail package fixes the following bugs the destroyAbout function was undefined in the previous Dogtail release Consequently the Close button in the AT SPI Browser About window Help About did not work This functi...

Page 58: ...rror in the mkdosfs command was corrected when the drive geometry is not correctly reported mkdosfs now sets the drive geometry to the default values as per its message to STD OUT Consequently FAT file systems created with mkdosfs are now correct and dosfslabel can set its label BZ 249067 318 although dosfstools contains ELF objects the dosfstools debuginfo package was empty With this update the d...

Page 59: ...t4fs file system utilities The e4fsprogs packages have been upgraded to upstream version 1 41 9 for Red Hat Enterprise Linux 5 5 These updated packages contain several bug fixes over the previous version Important These packages are now designed and intended to be installed alongside the original e2fsprogs package in Red Hat Enterprise Linux As such certain binaries in the e4fsprogs packages have ...

Page 60: ...Red Hat Enterprise Linux 4 and 5 This update has been rated as having important security impact by the Red Hat Security Response Team ELinks is a text based Web browser ELinks does not display any images but it does support frames tables and most other HTML tags An off by one buffer overflow flaw was discovered in the way ELinks handled its internal cache of string representations for HTML special...

Page 61: ...emoving smart cards should no longer cause the Enterprise Security Client to crash BZ 517414 330 When creating a password for the Enterprise Security Client using certain characters such as the dollar sign and exclamation point could cause a failure to enroll when entering the password later This update fixes this problem so that using such symbols when creating passwords does not fail when attemp...

Page 62: ... BZ 511912 334 Change glibc32 BuildRequires to file based BuildRequires BZ 521901 335 Use update alternatives to provide the common usr share qemu pxe roms directory BZ 546016 336 Use 0644 permission on all rom files BZ 547773 337 All etherboot users should install this update which addresses these issues 1 49 ethtool 1 49 1 RHBA 2010 0279 bug fix and enhancement update An enhanced ethtool package...

Page 63: ... evince now correctly searches the whole document resolving this issue BZ 469379 344 previously evince classified a single error dialog as a full running instance Consequently if an instance of evince contained only an error dialog any document opened would appear that instance This may have confused users as documents were displayed in the workspace where the error dialog is located rather than t...

Page 64: ...script have been corrected by modifying it to return a value of 2 on an unsupported command a return of 1 when the NETWORKING parameter is set to no returning the correct status error to the user and forcing the script to restart using condrestart when the status is not equal to 0 The default configuration referred to an undefined domain list causing errors when trying to relay email The correct d...

Page 65: ...9 2666 349 A flaw was found in the way fetchmail handles rejections from a remote SMTP server when sending warning mail to the postmaster If fetchmail sent a warning mail to the postmaster of an SMTP server and that SMTP server rejected it fetchmail could crash CVE 2007 4565 350 A flaw was found in fetchmail When fetchmail is run in double verbose mode v v it could crash upon receiving certain mal...

Page 66: ...pdated filesystem package now owns but does not create the locale specific man page directories located under usr share man locale BZ 487568 353 All users of filesystem are advised to upgrade to this updated package which resolves this issue 1 54 firefox 1 54 1 RHSA 2010 0112 Critical security update Important This update has already been released prior to the GA of this release as the security er...

Page 67: ...la Firefox is an open source Web browser XULRunner provides the XUL Runtime environment for Mozilla Firefox Several flaws were found in the processing of malformed web content A web page containing malicious content could cause Firefox to crash or potentially execute arbitrary code with the privileges of the user running Firefox CVE 2009 3979 361 CVE 2009 3981 362 CVE 2009 3986 363 A flaw was foun...

Page 68: ... form history A malicious web page could steal saved form data by synthesizing input events causing the browser to auto fill form fields which could then be read by an attacker CVE 2009 3370 368 A flaw was found in the way Firefox creates temporary file names for downloaded files If a local attacker knows the name of a file Firefox is going to download they can replace the contents of that file wi...

Page 69: ...e GA of this release as the security errata RHSA 2009 1430 378 Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5 This update has been rated as having critical security impact by the Red Hat Security Response Team Mozilla Firefox is an open source Web browser XULRunner provides the XUL Runtime environment for Mozilla Firefox nspr provid...

Page 70: ...hould upgrade to these updated packages which contain Firefox version 3 0 14 which corrects these issues After installing the update Firefox must be restarted for the changes to take effect 1 55 firstboot 1 55 1 RHBA 2010 0314 bug fix update Updated firstboot packages that fix a bug are now available The firstboot utility runs after installation It guides the user through a series of steps that al...

Page 71: ...backported patch to correct this issue After installing the update radiusd will be restarted automatically 1 56 2 RHBA 2009 1678 bug fix update Note This update has already been released prior to the GA of this release as FASTRACK errata RHBA 2009 1678 392 Updated freeradius packages that fix a bug are now available FreeRADIUS is an Internet authentication daemon which implements the RADIUS protoc...

Page 72: ...ese updated gail packages fix the following bug when starting a GNOME application at the shell prompt the GAIL library incorrectly printed the following spurious error message when the GNOME_ACCESSIBILITY environment variable was set to 0 which disables GNOME accessibility support GTK Accessibility Module initialized With this update this message no longer appears when the GNOME_ACCESSIBILITY envi...

Page 73: ...irectory In certain configurations if a local attacker is able to trick a local user into running a Java application which uses a function to load native libraries such as System loadLibrary from within an attacker controlled directory containing a malicious library or module the attacker could possibly execute arbitrary code with the privileges of the user running the Java application CVE 2009 37...

Page 74: ... fail This was caused by a bug in the GCC instruction set for PowerPC where compiling with mno sched prolog could discard debug location lists This update fixes the bug ensuring consistent DWARF access to function parameters on PowerPC BZ 528792 404 The libgcc undwinder now supports DW_OP_swap handling This update also fixes bugs in the way unwinding code handled unwind information from DW_OP_ gt ...

Page 75: ...h thousands of set breakpoints was unacceptably slow This was because a previous patch introduced a mechanism that hid breakpoint instructions and returned shadow content whenever target_read_memory accessed memory The aforementioned patch was implemented upstream to be used with a breakpoint always inserted option which was not implemented in Red Hat Enterprise Linux version of GDB But Red Hat En...

Page 76: ...r BZ 565601 417 All GDB users should apply this update 1 61 gfs kmod 1 61 1 RHSA 2010 0291 Moderate security bug fix and enhancement update Updated gfs kmod packages that fix one security issue numerous bugs and add one enhancement are now available for Red Hat Enterprise Linux 5 5 kernel release 2 6 18 194 el5 The Red Hat Security Response Team has rated this update as having moderate security im...

Page 77: ...de to fence the node With this update you can override the GFS withdraw function by mounting the file system with the o errors panic option specified When this option is specified any errors that would normally cause the system to withdraw cause the system to panic instead This stops the node s cluster communications which causes the node to be fenced BZ 517145 422 Finally these updated gfs kmod p...

Page 78: ...e converts BZ 548585 442 Conversion of inodes that are of different metatree heights in gfs and gfs2 is incorrect BZ 548588 443 Allow fsck gfs2 to check RO mounted file systems BZ 557128 444 GFS2 gfs2_convert should fix statfs file BZ 556961 445 gfs2_convert doesn t convert jdata files correctly BZ 545602 446 GFS2 fatal invalid metadata block after gfs2_grow BZ 546683 447 424 https bugzilla redhat...

Page 79: ...was performed BZ 533213 449 the implementation of the seg_timedwait function in assembler incorrectly decremented the number of waiting threads stored in a block of memory when an invalid nanosecond value was passed through its second argument This error is corrected in this update BZ 540475 450 All users of glibc are advised to upgrade to these updated packages which resolve these issues 1 64 2 R...

Page 80: ...passed through the second argument BZ 529997 455 a race condition in glibc between _dl_lookup_symbol_x and dlopen dlclose etc resulted in a failure in resolving dependencies These updates provide for processes that are exclusive BZ 547631 456 This update also adds the following enhancement glibc incorporates a number of tests to detect corruption in data structures used for heap memory allocation ...

Page 81: ...work GUI application to be unable to start BZ 247522 460 client applications which used the gnome vfs2 library were unable to search for certain paths because the search process ended as soon as it encountered a file or directory which it was unable to read This update fixes this bug in gnome vfs2 so that searches skip over unreadable files or directories and continue as expected Note a future nau...

Page 82: ...anager resulted in a File not found error This update ensures that reserved characters in path names are properly escaped and thus Nautilus is able to access such paths as expected BZ 503112 465 All GNOME users are advised to upgrade to these updated packages which resolve these issues Running GNOME sessions must be restarted for the update to take effect 1 66 gpart 1 66 1 RHBA 2009 1606 bug fix u...

Page 83: ...age which contains a backported patch to correct this issue 1 68 hal 1 68 1 RHBA 2010 0256 bug fix update Updated hal packages that fix various bugs are now available HAL is a daemon for collecting and maintaining information relating to hardware from several system sources The updated packages fix the following bugs a sanity check in the HAL init script was incorrectly exiting with error code 0 w...

Page 84: ...th ATI Mobility Radeon HD 3400 Series chipsets 1002 95c4 or Intel Mobile 4 Series chipsets 8086 2a42 The updated packages fix the suspend issue by correctly specifying the quirk vbe post option for T400 machines BZ 571925 476 All hal users are advised to upgrade to these updated packages which resolve these issues 1 69 hmaccalc 1 69 1 RHBA 2010 0055 bug fix update Note This update has already been...

Page 85: ... when processing certain malformed requests which caused the back end server to be marked as failed in configurations where mod_proxy is used in load balancer mode A remote attacker could cause mod_proxy to not send requests to back end AJP Apache JServ Protocol servers for the retry timeout period 60 seconds by default by sending specially crafted requests CVE 2010 0408 480 A use after free flaw ...

Page 86: ...not fully resolve the issue for HTTPS servers An attack is still possible in configurations that require a server initiated renegotiation Refer to the following Knowledgebase article for further information http kbase redhat com faq docs DOC 20491 A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module A malicious FTP server to which requests are being proxied could use this f...

Page 87: ...LDAPDynamicGroups directive has been added to mod_authnz_ldap to enable support for dynamic groups BZ 252038 496 the mod_substitute module is now included BZ 539256 497 All Apache users should install these updated packages which address these issues 1 71 hwdata 1 71 1 RHEA 2010 0197 enhancement update An updated hwdata package that adds various enhancements is now available The hwdata package con...

Page 88: ... for syscall statfs64 The platform no longer resorts to statfs and works correctly BZ 514938 508 When SIGALRM invokes the signal handler the ia32el application that installed the signal handler stops executing system calls in the correct order This package adds a patch to the code that changes the conditions for the order of executing system calls preventing the signal handler from affecting it BZ...

Page 89: ...han the first LOAD offset according to readelf l When this happened the gdb couldn t read the core file This package includes a patch that adjusts the size of the offset to greater than that of the NOTE offset and filesize The gdb can now succesfully read the core file BZ 533269 517 Users are advised to upgrade to this updated ia32el package which resolves these issues 1 73 iasl 1 73 1 RHBA 2010 0...

Page 90: ...command is issued and innd pid cann to be found The updated init script also returns a message Stopping INND service PID not found the hard way in this case BZ 464916 521 All inn users are advised to upgrade to these updated packages which resolve this issue 1 75 iproute 1 75 1 RHBA 2009 1520 bug fix update Note This update has already been released prior to the GA of this release as FASTRACK erra...

Page 91: ...ig utility has been updated to handle SES SCSI enclosure services devices the same in both the command line and GUI and the firmware level for enclosures is now reported correctly BZ 532544 525 Users with PowerPC 64 systems are advised to upgrade to this updated iprutils package which adds these enhancements 1 77 iptables 1 77 1 RHBA 2009 1539 bug fix update Note This update has already been relea...

Page 92: ... run mode correctly as expected BZ 474381 529 All iptstate users should upgrade to this updated package which resolves this issue 1 79 ipw2200 firmware 1 79 1 RHEA 2010 0218 enhancement update An enhanced ipw2200 firmware package is now available The ipw2200 firmware package contains the firmware files required by Intel PRO Wireless 2200 network adapters The enhancement contains new open source 80...

Page 93: ...hanism when iSCSI ifaces were used with different initiator names The sendtarget discovery feature was using the default name etc iscsi initiatorname iscsi instead of the iname in the iface As a consequence the wrong name was being used The discovery mechanism has now been fixed so that it uses the iname in the iface As a result they are discovered correctly and the right names are used BZ 504666 ...

Page 94: ...ware The iwlwifi 3945 driver requires firmware loaded on the device in order to function The iwl3945 firmware package provides the iwl3945 driver with this required firmware and enables the driver to function correctly with iwl3945 hardware This updated iwl3945 firmware package adds the following enhancement it is best to pair equivalent versions of these components in order to provide maximum com...

Page 95: ...gether to provide proper wireless functionality It is best to pair equivalent versions of these components in order to provide maximum compatibility between them which this updated package provides BZ 501609 542 Users of wireless devices which use iwl5000 firmware are advised to upgrade to this updated package which adds this enhancement 1 84 java 1 6 0 ibm 1 84 1 RHBA 2010 0327 bug fix update Upd...

Page 96: ... discovered that the JRE still accepts certificates with MD2 hash signatures even though MD2 is no longer considered a cryptographically strong algorithm This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by the JRE With this update the JRE disables the use of the MD2 algorithm inside signatures by default CVE 2009 2409 550 A timing attack ...

Page 97: ...pletviewer application All users of java 1 6 0 openjdk are advised to upgrade to these updated packages which resolve these issues All running instances of OpenJDK Java must be restarted for the update to take effect 1 86 java 1 6 0 sun 1 86 1 RHBA 2010 0072 bug fix update Note This update has already been released prior to the GA of this release as errata RHBA 2010 0072 568 Updated java 1 6 0 sun...

Page 98: ...Public Domain Korn SHell package a new package in Red Hat Enterprise Linux 5 4 does not recognize the source keyword in shell scripts Consequently if pdksh was used as the shell on systems with KDE installed the following error message was returned in login shells ksh etc profile d kde sh 7 source not found The kde sh shell script in this update has been edited with source replaced by The full sto...

Page 99: ...found in the kdelibs string to floating point conversion routines A web page containing malicious JavaScript could crash Konqueror or potentially execute arbitrary code with the privileges of the user running Konqueror CVE 2009 0689 573 Users should upgrade to these updated packages which contain a backported patch to correct this issue The desktop must be restarted log out then log back in for th...

Page 100: ...this flaw only affected the i386 architecture CVE 2010 0003 579 Moderate missing capability checks were found in the ebtables implementation used for creating an Ethernet bridge firewall This could allow a local unprivileged user to bypass intended capability restrictions and modify ebtables rules CVE 2010 0007 580 Low Bug fixes a bug prevented Wake on LAN WoL being enabled on certain Intel hardwa...

Page 101: ...ect 1 88 2 RHSA 2010 0046 Important security and bug fix update Important This update has already been released prior to the GA of this release as the security errata RHSA 2010 0046 596 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5 This update has been rated as having important security impact by the Red Hat Security Res...

Page 102: ...found in the Linux kernel On AMD64 systems 32 bit processes could access and read certain 64 bit registers by temporarily switching themselves to 64 bit mode CVE 2009 2910 603 Moderate the RHBA 2008 0314 update introduced N_Port ID Virtualization NPIV support in the qla2xxx driver resulting in two new sysfs pseudo files sys class scsi_host a qla2xxx host vport_create and vport_delete These two fil...

Page 103: ...he IPv6 Extension Header EH handling implementation in the Linux kernel The skb dst data structure was not properly validated in the ipv6_hop_jumbo function This could possibly lead to a remote denial of service CVE 2007 4567 610 Important a flaw was found in each of the following Intel PRO 1000 Linux drivers in the Linux kernel e1000 and e1000e A remote attacker using packets larger than the MTU ...

Page 104: ...ructure in this function was not initialized properly before being copied to user space This could lead to an information leak CVE 2009 3612 617 Moderate unix_stream_connect did not check if a UNIX domain socket was in the shutdown state This could lead to a deadlock A local unprivileged user could use this flaw to cause a denial of service CVE 2009 3621 618 Moderate Knowledgebase DOC 20536 has st...

Page 105: ...39681 638 general OProfile support for some newer Intel processors BZ 539683 639 system crash during boot when NUMA is enabled on systems using MC and kernel xen BZ 539684 640 on some larger systems performance issues due to a spinlock BZ 539685 641 APIC errors when IOMMU is enabled on some AMD Opteron systems BZ 539687 642 624 https bugzilla redhat com bugzilla show_bug cgi id 533858 625 https bu...

Page 106: ...perating system Security fixes a system with SELinux enforced was more permissive in allowing local users in the unconfined_t domain to map low memory areas even if the mmap_min_addr restriction was enabled This could aid in the local exploitation of NULL pointer dereference bugs CVE 2009 2695 650 Important a NULL pointer dereference flaw was found in the eCryptfs implementation in the Linux kerne...

Page 107: ... RHSA 2009 1243 update removed the mpt_msi_enable option preventing certain scripts from running This update adds the option back BZ 526963 659 an iptables rule with the recent module and a hit count value greater than the ip_pkt_list_tot parameter the default is 20 did not have any effect over packets as the hit count could not be reached BZ 527434 660 a check has been added to the IPv4 code to m...

Page 108: ...nter dereference flaw was found in the Multiple Devices md driver in the Linux kernel If the suspend_lo or suspend_hi file on the sysfs file system sys is modified when the disk array is inactive it could lead to a local denial of service or privilege escalation Note By default only the root user can write to the files noted above CVE 2009 2849 667 Moderate Bug fixes a bug in nlm_lookup_host could...

Page 109: ...t via write 2 the NFS client needed to flush the modified portion of the page out to the server then read the entire page back in This flush caused performance issues BZ 521244 683 a kernel panic when using bnx2x devices LRO in a bridge A warning is now provided to disable LRO in these situations BZ 522636 684 the scsi_dh_rdac driver was updated to recognize the Sun StorageTek Flexline 380 BZ 5232...

Page 110: ...acker could trigger this flaw by sending a Delete Block ACK DELBA packet to a target system resulting in a remote denial of service Note This issue only affected users on 802 11n networks and that also use the iwlagn driver with Intel wireless hardware CVE 2009 4027 696 Important a flaw was found in the gfs2_lock implementation The GFS2 locking code could skip the lock operation for files that hav...

Page 111: ...2 This update provides improved support for the ibmvscsi driver including support for fastfail mode and improved multipathing support This update is 64 bit PowerPC specific amd64_edac Add and detect ddr3 support BZ 479070 703 Add scsi and libfc symbols to whitelist_file BZ 533489 704 Extend KABI to support symbols that are not part of the current KABI BZ 526342 705 libfc bug fixes and improvements...

Page 112: ...nel may permanently enter the uninterruptible sleep state D State making the system impossible to shut down This update adds the Detect Hung Task kernel thread providing the ability to detect tasks permanently stuck in the D State This new feature is controlled by the CONFIG_DETECT_HUNG_TASK kernel flag When set to y tasks stuck in the D State are detected when set to n it is off The default value...

Page 113: ...ge in Red Hat Enterprise Linux 5 4 the installer will prompt for the network configuration regardless of whether these parameters appear in the PARM or CONF files This flaw was addressed by removing the annotation of cmdline as __initdata The installer no longer prompts for network configuration when not required 1 88 7 1 2 Kernel Platform Enablement 1 88 7 1 2 1 BX EX MC Enablement Features Intel...

Page 114: ... offline operations 1 88 7 1 2 3 x86_64 specific Updates k8 Do not mark early_is_k8_nb as __init BZ 567275 746 This update addresses a problem with CPU hotplugging identified on AMD Magny Cours machines Avoid deadlocks during MCE broadcasts BZ 562866 747 Wire up compat sched_rr_get_interval BZ 557092 748 A problem was found where if a program that calls sched_rr_get_interval is compiled on x86 and...

Page 115: ...ngs by OSA hw level BZ 559621 757 A problem was found where new hardware was being configured with values for old hw levels because BLKT settings were not being set according to different hw levels This update ensures that the BLKT settings are applied after the hw level has been probed Clear high order bits after switching to 64 bit mode BZ 546302 758 Fix single stepping on svc 0 BZ 540527 759 A ...

Page 116: ...ymous mappings resulted in poor performance This update optimizes the instructions that are used for these operations CIO set correct number of internal I O retries BZ 519814 766 A problem was found where if a device has n paths and that device is not path grouped and an internal I O command fails then the control unit presents the error sense n times on each different path Because CIO only perfor...

Page 117: ... virtio balloon module BZ 564361 781 VT d Ignore unknown DMAR entries BZ 563900 782 kvm Fix double registering of pvclock on i386 BZ 557095 783 Fix frequency scaling on Intel platforms BZ 553324 784 Update to enable VF in Dom0 BZ 547980 785 Xen IOMMU fix for AMD M C platforms with SATA set to IDE combined mode BZ 544021 786 AMD M C systems that is Maranello platforms have several SATA settings for...

Page 118: ...most immediately A 32 bit HVM booted and installed successfully on a 32 bit host This update masks out the xsave and osxsave bits to prevent this problem from occurring Enable display of the ida flag on Xen kernels BZ 522846 799 The ida flag which indicates the presence of the Turbo Boost feature was not seen in the cpuflags section of proc cpuinfo on Xen kernels This occurred on both 32 bit and 6...

Page 119: ... starting guest BZ 466681 812 AMD IOMMU Xen pass through support BZ 531469 813 Add balloon driver for KVM guests BZ 522629 814 Add AMD node ID MSR support BZ 530181 815 BZ 547518 816 Provide pass through MSI X mask bit acceleration V3 BZ 537734 817 CD ROM drive does not recognize new media BZ 221676 818 kvmclock fix incorrect wallclock value BZ 519771 819 KMP for Xen kernel cannot be applied BZ 52...

Page 120: ...566016 838 tg3 fix race condition with 57765 devices BZ 565965 839 forcedeth fix putting system into S4 BZ 513203 840 netfilter allow changing queue length via netlink BZ 562945 841 e1000e fix deadlock unloading module on some ICH8 BZ 555818 842 Wireless fixes from 2 6 32 2 2 6 32 3 2 6 32 4 2 6 32 7 BZ 559711 843 be2net latest bugfixes from upstream for Red Hat Enterprise Linux 5 5 BZ 561322 844 ...

Page 121: ...less avoid deadlock when enabling rfkill BZ 542593 869 wireless updates of mac80211 etc from 2 6 32 and wireless support updates from 2 6 32 BZ 456943 870 BZ 474328 871 BZ 514661 872 BZ 516859 873 bnx2 update to version 2 0 2 BZ 517377 874 cnic Update driver for Red Hat Enterprise Linux 5 5 BZ 517378 875 bnx2x Update to 1 52 1 5 add support for bcm8727 phy add support for bcm8727 phy add mdio supp...

Page 122: ...576ns serdes adapter BZ 517063 908 qlge updates and fixes for Red Hat Enterprise Linux 5 5 BZ 519453 909 igb fix kexec with igb controller BZ 527424 910 qlge fix crash with kvm guest device passthrough BZ 507689 911 igb set vf rlpml must take vlan tag into account BZ 515602 912 fix race in data receive select BZ 509866 913 augment raw_send_hdrinc to validate ihl in user hdr BZ 500924 914 bonding i...

Page 123: ...n svc_rqst on socket recv BZ 500653 936 tcp do not use TSO GSO when there is urgent data BZ 502572 937 vxge new driver for Neterion 10Gb Ethernet and Makefile Kconfig and config additions BZ 453683 938 8139too RTNL and flush_scheduled_work deadlock BZ 487346 939 icmp fix icmp_errors_use_inbound_ifaddr sysctl BZ 502822 940 bonding allow bond in mode balance alb to work BZ 487763 941 rtl8139 set mac...

Page 124: ... bit when appropriate preventing the creation of this infinite loop nfsnobody 4294967294 causes idmapd to stop responding BZ 519184 958 statfs on NFS partition always returns 0 BZ 519112 959 A problem was found where statfs on NFS partitions always returned a zero 0 value regardless of success or fail On fail statfs should return a negative number This update corrects the problem so that statfs be...

Page 125: ...2 972 Previously when using GFS2 if two nodes concurrently updated the same file each node would overwrite the other node s data as the file position for such a file was not being updated correctly This issue only occurred when using open with the O_APPEND flag and then issuing a write without first performing another operation on the inode such as stat or read Fix glock reference count issues BZ ...

Page 126: ... on reading symlinks Copy struct after setting port not before Add addr mount option alias for ip Free nativeFileSystem before allocating new one Fix read buffer overflow Fix potential NULL deref in parse_DFS_referrals Fix memory leak in ntlmv2 hash calculation Fix broken mounts when an SSH tunnel is used Avoid invalid kfree in cifs_get_tcp_session 1 88 7 1 5 4 Cluster specific Updates dlm Fix con...

Page 127: ...13rh BZ 516710 1000 The mtp base driver for devices using LSI Fusion MPT firmware has been updated to version 3 4 13rh This update fixes many issues most notably The serial attached SCSI SAS topology scan has been restructured adding expander link status and host bus adapter HBA events Intermittent issues caused by SAS cable removal and reinsertion have been fixed An issue where SATA devices recei...

Page 128: ...e BZ 505331 1010 Fix inode_table test in ext 2 3 _check_descriptors BZ 504797 1011 Support origin size chunk size BZ 502965 1012 smbd proccess hangs with flock call BZ 502531 1013 inotify fix race BZ 499019 1014 Don t allow setting ctime over v4 BZ 497909 1015 AVC denied 0x100000 for a directory with eCryptFS and Apache BZ 489774 1016 Don t zero out pages array inside struct dio BZ 488161 1017 Fil...

Page 129: ...rectable non fatal or uncorrectable fatal error was triggered As a result subsequent errors would sometimes display a previously reported error This update ensures that errors are only reported once Add base AER driver support BZ 517093 1029 This feature provides the advanced error handling diagnosis and recovery for PCI Express devices by adding AER Advanced Error Reporting support PCIe AER provi...

Page 130: ...storage arrays BZ 518496 1053 Disable state transition from OFFLINE to RUNNING BZ 516934 1054 This feature prevents a timeout from occurring on the same device repeatedly by disabling the state transition of the SCSI device from OFFLINE to RUNNING in the unblock function of the SCSI layer This update applies to 32 bit x86 64 bit Intel 64 and AMD64 and 64 bit Itanium2 architectures Add be2iscsi dri...

Page 131: ...ce ID for 82801JI sata controller BZ 506200 1076 Fix a race in dm raid1 BZ 502927 1077 raid deal with soft lockups during resync BZ 501075 1078 blktrace stops working after a trace file directory replacement BZ 498489 1079 I O scheduler setting via elevator kernel option is not picked up by Xen guest BZ 498461 1080 Fix rcu accesses in partition statistics code BZ 493517 1081 Fix iosched batching f...

Page 132: ...ices in this hardware line support 802 11a 802 11b 802 11g and 802 11n protocols This update also includes support for the iwl1000 hardware line Support for iwl5000 iwl4965 and iwl3945 was also updated In order to support the features of these drivers the mac80211 and cfg80211 subsystems were updated Further all existing mac80211 based drivers were refreshed to match the updated mac80211 subsystem...

Page 133: ...rovides a tracepoint to trace kernel pagefault events The argument should include the IP instruction pointer and the faulted virtual address This update applies to 32 bit x86 and 64 bit Intel 64 and AMD64 architectures Memory mapped files not updating timestamps BZ 452129 1105 Prevent hangs or long pauses when zone_reclaim_mode 1 BZ 507360 1106 1 88 7 1 11 Audit and Security Updates 1 88 7 1 11 1 ...

Page 134: ...121 EDAC driver fix for non MMCONFIG systems BZ 550123 1122 khungtaskd not stopped during suspend BZ 550014 1123 Do not evaluate WARN_ON condition twice BZ 548653 1124 Fix NULL pointer panic in acpi_run_os BZ 547733 1125 Implement public pci_ioremap_bar function BZ 546244 1126 Fix PTRACE_KILL hanging in 100 CPU loop BZ 544138 1127 Fix compile warnings in eeh code BZ 538407 1128 This update was nec...

Page 135: ...m 1 enable MSI X interrupt mechanism 2 enable MSI interrupt mechanism Implement futex priority based wakeup BZ 531552 1137 A problem was found where the threads waiting on the futex_q queue list would acquire the mutex lock in the order they were queued rather than by priority This update addresses that problem Make scsi_dh_activate asynchronous to address the slower LUN failovers with large numbe...

Page 136: ... This update addresses this bug and PCI E hotplug slots are now detected correctly Fix NULL pointer dereference in pci_bus_show_cpuaffinity BZ 519633 1152 A problem was found where reading sys class pci_bus 0000 ff cpuaffinity using cat or a similar function would cause the kernel to crash and the system to reboot This update provides a solution to this problem Fix device detach and hotplug with i...

Page 137: ...tiple device failure renders dm raid1 unfixable BZ 498532 1173 Don t oomkill when hugepage alloc fails on node BZ 498510 1174 Prevent tmpfs from going readonly during oom kills BZ 497257 1175 documentation fix file nr definition in fs txt BZ 497200 1176 Conditional flush in flush_all_zero_pkmaps BZ 484683 1177 Fix corrupted intel_rng kernel messages BZ 477778 1178 Use KVM pvclock code to detect co...

Page 138: ...vides tracing tools with pointers to the coredump filename string and to the coredump_params data structure BZ 517115 1192 Add four new signal related tracepoints to the kernel These tracepoints provide tracing tools which can deliver significant amounts of data Refer to the bug report for full details BZ 517121 1193 Add support for Nehalem EX Beckton processors in Oprofile BZ 521992 1194 1 89 kex...

Page 139: ...91 1198 previously kdump waited indefinitely for all devices in its critical_disks list to be available before it performed a dump Kexec tools now has a disk_timeout parameter that limits how long kdump will wait for storage to respond BZ 500741 1199 a logical flaw meant that the presence of files with certain names in current directory of mkdumprd would prevent a dump The code used to evaluate th...

Page 140: ...mkdumprd resolved hostnames for NFS locations specified in kdump conf and stored their IP addresses Mkdumprd now stores the hostnames instead and can therefore find the hosts successfully even if their IP addresses change BZ 545980 1210 kexec tools now pulls in nsslibs and using the settings in etc resolv conf can therefore perform DNS lookups and find NFS locations specified in kdump conf BZ 5499...

Page 141: ...ion algorithms If a remote KDC client were able to provide a specially crafted AES or RC4 encrypted ciphertext or texts it could potentially lead to either a denial of service of the central KDC KDC crash or abort upon processing the crafted ciphertext or arbitrary code execution with the privileges of the KDC i e root privileges CVE 2009 4212 1215 All krb5 users should upgrade to these updated pa...

Page 142: ...event this race condition occuring allowing ksh scripts to be run normally on the system BZ 435159 1219 when profile executed a return command some new processes were executed without working stdin because it was already closed This version correctly restores the shell state after return was used in profile making stdin available for new processes BZ 506790 1220 ksh returned an incorrect exit code...

Page 143: ...th a segmentation fault With this update ksh checks whether the point has numerical or parent separator meaning and produces only an error message when appropriate BZ 548519 1229 when the array variable was declared using the built in set but not defined this declaration did not take effect The built in set included in the updated ksh declares array variables correctly BZ 553611 1230 All users of ...

Page 144: ...t s system clock had the tendency to drift by an amount correlated with the system load This ktune update provides an interactive Bourne shell script fix_clock_drift sh which when run as with root privileges inspects various system parameters to determine if the guest on which it is run is susceptible to clock drift under load and if so creates a new grub conf kvm file in the boot grub directory T...

Page 145: ...dware These updated kvm packages fix the following bug rebooting a KVM guest domain could cause the guest to fail to receive keyboard and mouse input following the reboot This has been fixed by reinitializing keyboard and mouse state in the guest after it reboots which resolves the issue BZ 517855 1239 Note after installing these updated packages the following procedure should be carried out to en...

Page 146: ... devices aborted during installation returning the error message unhandled vm exit 0x31 vcpu_id 0 Using an interface other than virtio for the guest virtual disk was a work around documented in the Red Hat Enterprise Linux 5 4 Technical Notes Known Issues for KVM The work around was associated with BZ 518081 1242 the original Bugzilla report for this issue http www redhat com docs en US Red_Hat_En...

Page 147: ... way QEMU KVM handled erroneous data provided by the Linux virtio net driver used by guest operating systems Due to a deficiency in the TSO TCP segment offloading implementation a guest s virtio net driver would transmit improper data to a certain QEMU KVM process on the host causing the guest to crash A remote attacker could use this flaw to send specially crafted data to a target guest system ca...

Page 148: ...ests can successfully use multiple VCPU BZ 502543 1253 BZ 503322 1254 Migrating a paused guest caused the guest to resume at the destination Paused guests now remain paused after a migration BZ 503367 1255 Multiple virtualized guests using the hypercall device resulted in one or more of the guests using 100 of their assigned CPUs or becoming unresponsive The updated packages fix the hypercall devi...

Page 149: ...The updated packages resolve this issue and host I O errors will pause the guest instead of causing file system corruption BZ 531827 1269 With Red Hat Enterprise Virtualization the virtio_blk_dma_restart_bh function previously handled write errors The function was not updated for this causing read errors to be resubmitted as writes This caused guest image corruption in some cases Additionally the ...

Page 150: ...ckage resolves this issue BZ 520394 1280 Time drift may have occurred in Windows guests that use the IOAPIC interrupt for timing The updated packages resolve this issue and Windows guests should now keep time accurately BZ 521025 1281 Windows Server 2003 32 bit and 64 bit guests may have experienced time drift BZ 543137 1282 On AMD hosts Window Server 2008 R2 Datacenter guests would stop during th...

Page 151: ...hen a guest was saved and restored These drivers not being saved could cause the guest s time keeping to become significantly skewed after restoring or migrating the guest In the updated packages the MSR values are preserved when a guest is saved and restored and for migrations BZ 531701 1294 Installing Windows Server 2008 R2 from an ISO image could result in a blue screen BAD_POOL_HEADER stop err...

Page 152: ... BZ 544785 1307 The qemu kvm man page incorrectly described the qcow2 default as cache writeback The default is cache none for qcow2 images and cache writethrough for all other disk types The man page for qemu kvm has been updated to reflect this BZ 545194 1308 KVM did not verify if barriers were required for migration KVM now verifies if barriers are required for guest migration and disables barr...

Page 153: ...indows guests BZ 537178 1328 The cache flushing command was changed from fsync to fdatasync This allows write caches to be exposed to guests and allows the guest to request for flushing I O buffers This improves I O performance for some guests BZ 537646 1329 KVM can now use gPXE or etherboot roms stored in the usr share qemu pxe roms directory BZ 546019 1330 and BZ 550053 1331 Support for changing...

Page 154: ...d upgrade to this re based package which resolves these issues 1 96 libXi 1 96 1 RHBA 2010 0127 bug fix update Note This update has already been released prior to the GA of this release as errata RHBA 2010 0127 1338 Updated libXi packages that resolve an issue are now available libXi is the X Org XInput runtime library These updated libXi packages fix the following bug the XInitThreads function in...

Page 155: ...expected BZ 498044 1341 Users are advised to upgrade to this updated libXrandr package which resolves this problem 1 98 libXt 1 98 1 RHBA 2010 0192 bug fix update An updated libXt package that fixes a bug which prevented C code from building is now available libXt is the X toolkit intrinsics runtime library conflicting declarations in several header files meant C code could not be compiled against...

Page 156: ...convenient API for performing common tasks with different CMPI providers the libcmpiutil package is used by the libvirt cim package An update to the libvirt cim package requires this update BZ 540843 1344 Users are advised to upgrade to this updated libcmpiutil package which resolves these issues and adds these enhancements 1 101 libevent 1 101 1 RHEA 2010 0244 enhancement update An updated libeve...

Page 157: ...poptions file BZ 509064 1347 All CUPS users are advised to upgrade to these updated packages which resolve this issue 1 103 libgtop2 1 103 1 RHBA 2010 0099 bug fix update Note This update has already been released prior to the GA of this release as errata RHBA 2010 0099 1348 Updated libgtop2 packages that resolve an issue are now available The libgtop2 package contains a library that enables acces...

Page 158: ...te adds the following enhancement previously huge pages worked well once configured but setting them up was a complicated multi step potentially error prone process This updated package includes a script huge_page_setup_helper that asks for three pieces of data and then sets up huge pages for use based on the answers provided The three data points required by the script are the memory to allocate ...

Page 159: ...es fix the following bug nscd the name service caching daemon provides a cache for common name service requests The libuser utilities were unable to signal to nscd that its cache should be refreshed which caused name service delays after changing user account information For example after adding a new user with the luseradd utility the newly added user was not available until ncsd invalidated and ...

Page 160: ...en added meaning only the single netfront interface is configured BZ 483884 1358 The storage pool deletion routine did not distinguish between files and directories when removing data As a result inactive storage pools could not be deleted With this update files and directories are removed appropriately allowing inactive storage pools to be deleted BZ 496579 1359 When adding a new physical host PC...

Page 161: ...ommand would result in errors The virsh vol path command was altered to support the pool parameter and the errors no longer occur BZ 509306 1366 The virsh find storage pool sources command failed to find any dir nfs netfs pool sources and failed with unknown failure The error reporting was fixed and the command now works as expected BZ 509979 1367 The virsh nodedev create command resulted in an ou...

Page 162: ...ened WWN path sys class fc_host host5 port_name for reading message was updated and the error messages no longer appear in the log file BZ 514324 1375 The virsh man page described most operations as being asynchronous which is not the case The man page was updated to state that most operations are synchronous except creation and shutdown of domains BZ 514532 1376 Guests that use the default source...

Page 163: ...where possible the error is now more informative BZ 531729 1383 When using xen ssh to connect to a host sometimes an RPC entry point would not be available and dominfo would raise an uninformative error unknown procedure error The error reporting was changed and it now reports as an unsupported entry point BZ 531735 1384 When a network created a bridge it would only be enabled if the host had an I...

Page 164: ... to qemu guests BZ 481748 1391 Implementation of the virsh dump command for QEMU KVM guests is included in this release BZ 507551 1392 Support was added to libvirt for KVM PCI device assignment hotplug BZ 517465 1393 Added mem prealloc to the KVM command line when using hugepage BZ 518099 1394 libvirt now allows the creation of more than 256 guests and more than 150 DHCP leases BZ 519729 1395 BZ 5...

Page 165: ...f multiple libvirt based platforms This update addresses the following bug the libvirt cim spec file included a Requires xen line Consequently selecting the libvirt cim package in the KVM group during installation installed the xen package as a dependency For this update that line was removed and Xen is no longer installed automatically when libvirt cim is installed BZ 517579 1400 Note libvirt cim...

Page 166: ...bitrary code when opened CVE 2009 3379 1403 Users of libvorbis should upgrade to these updated packages which contain backported patches to correct these issues The desktop must be restarted log out then log back in for this update to take effect 1 110 linuxwacom 1 110 1 RHEA 2010 0325 enhancement update An enhanced linuxwacom package is now available The Linux Wacom Project manages the drivers li...

Page 167: ...r LM93 and PC87427 SMSC DMF1737 SMSC SCH3112 SCH3114 and SCH3116 SMSC SCH5027D NW and SCH5127 Texas Instruments THMC50 VIA VT1211 Winbond W83L786 NR NG R G Winbond W83793 and R G Users of lm_sensors are advised to upgrade to these updated packages along with the Red Hat Enterprise Linux 5 5 kernel update Doing so resolves this issue and add these enhancements 1 112 log4cpp 1 112 1 RHEA 2010 0313 e...

Page 168: ...en added under the etc logwatch scripts directory logfiles services and shared This mirrors the subdirectory structure of the usr share logwatch scripts directory and also corresponds to the existing documentation BZ 489490 1414 LogWatch attempted to interpret certain compressed log files as plain text log files which resulted in binary information being written to LogWatch output With this update...

Page 169: ...failing when requested Volume Group is locked read only Use read only instead or write lock for lvchange refresh Adds global wait_for_locks to lvm conf so blocking for locks can be disabled Fixes bug where non blocking file locks could be granted in error All users of lvm2 are advised to upgrade to these updated packages which resolve these issues 1 114 2 RHBA 2009 1538 bug fix update Note This up...

Page 170: ...itial deactivation fails Fixes several memory leaks in pvs and pvdisplay commands Dumps persistent device filter after every full scan Refreshes device filters before full device rescan Returns error status if vgchange fails to activate some volume Restricts vgchange to activate only visible LVs Fixes pvmove region_size overflow for very large PVs Fixes lvcreate and lvresize PVS argument always to...

Page 171: ...disabled Adds an API version number LVM_LIBAPI to the VERSION string for liblvm Handles metadata with unknown segment types more gracefully Adds pvmetadatacopies for pvcreate vgcreate vgextend vgconvert Adds implict pvcreate support to vgcreate and vgextend Recognises DRBD devices and handle them like MD mirror devices Checks MD devices for a partition table during device scan Adds extended device...

Page 172: ...lvm2 cluster packages contain support for Logical Volume Management LVM in a clustered environment This update ensures that the bugs fixed by the lvm2 advisory are also fixed in a clustered environment This update applies the following bug fixes Fixes pvmove abort to be cluster aware when temporary mirror activation fails Always query active device by using uuid only in cluster Unlocks shared lock...

Page 173: ...1424 the proc man page referenced two external files incorrectly In the Description section Memory Type Range Registers proc mtrr details were referenced to usr src linux Documentation mtrr txt The See Also section referenced proc txt to usr src linux Documentation filesystems The referenced files are in usr share doc kernel doc 2 6 18 Documentation and the proc man page now reflects this BZ 45621...

Page 174: ... of etc nsswitch conf BZ 522761 1433 the SOCKET OPTIONS section of the ip man page listed IP_MULTICAST_IF as taking ip_mreqn or ip_addr arguments This is incorrect IP_MULTICAST_IF takes arguments with ip_mreqn or in_addr structures This update corrects the error BZ 524246 1434 proc sys fs file max defines a system wide limit on the number of open files for all processes This limit does not however...

Page 175: ...nglish languae chgrp man page Previously however the Japanese translation erroneously listed h or no dereference as the default This error has been corrected and the Japanese chgrp man page now correctly lists dereference as the default option BZ 527638 1440 the SOCKET OPTIONS section of the ip man page listed IP_MULTICAST_IF as taking ip_mreqn or ip_addr arguments This is incorrect IP_MULTICAST_I...

Page 176: ...1445 An updated mdadm package that fixes a bug is now available mdadm is used to create manage and monitor Linux MD software RAID devices It provides similar functionality to the raidtools package This updated package fixes the following bug the previous mdadm update added a data scrubbing cron job etc cron weekly 99 raid check that looks for bad sectors on drives in redundant arrays and fixes the...

Page 177: ...s for this package the code fix is applied to the mesa packages but the resulting compiled code is in the xorg x11 server package see BZ 435963 1448 for the bug as raised against xorg x11 server All users compiling their own xorg x11 server packages should upgrade to these updated mesa packages which resolves this issue 1 121 metacity 1 121 1 RHBA 2009 1610 bug fix update Note This update has alre...

Page 178: ...tors on a system configured to use a Xinerama dual screen configuration caused flickering Metacity has been modified to allow one to move maximized windows meaning they can be dragged between monitors without flickering BZ 495939 1453 Metacity was preventing applications such as Maya from stacking windows correctly This was caused by the focus stealing prevention mechanism A patch has been added t...

Page 179: ...he user s keystrokes This usually happens with older applications written without modern toolkits The new no_focus_windows option allows one to specify which windows should not be given the keyboard s focus BZ 530262 1461 when a new window is not given keyboard focus it is placed underneath the current window and entry flashes When the new apps metacity general new_windows_always_on_top key is set...

Page 180: ...r both multipath devices 2 run mkinitrd again A replicated LUN will now successfully boot provided a the multipath conf in the initrd does not blacklist the new LUN and b var lib multipath bindings in the initrd is either empty or contains an entry binding mpath0 or the device originally installed to to the replicated LUN s WWID BZ 438887 1464 scsi_model devflag options appended to etc modprobe co...

Page 181: ...ger occurs as a result of the non loading of modules BZ 560567 1471 several virtio modules were missing from the previous version of mkinitrd This meant that mkinitrd built incorrectly upon installation if virtio block or network devices were used within the Kernel Based Virtual Machine KVM The final result was kernel panic These updated packages contain the required modules which allow mkinitrd t...

Page 182: ...fter the removal the weak module post installation scripts created symbolic links to the location of the deleted driver This caused problems with driver updates and using the weak module utility The updated packages ensure post installation scripts create valid symbolic links to installed drivers BZ 477089 1476 on systems running Xen hypervisor compatible kernels where the kernel is used as a gues...

Page 183: ...ulti threaded SQL database server MySQL is a client server implementation consisting of a server daemon mysqld and many different client programs and libraries These updated mysql packages fix a bug which occurred after updating the mysql packages from version 5 0 45 which was released as a part of Red Hat Enterprise Linux 5 2 to version 5 0 77 which was released as part of the Red Hat Enterprise ...

Page 184: ...le A remote authenticated attacker could use this flaw to crash the MySQL server daemon mysqld This issue only caused a temporary denial of service as the MySQL daemon was automatically restarted after the crash CVE 2009 4019 1484 When the datadir option was configured with a relative path MySQL did not properly check paths used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives An...

Page 185: ... this updated package which resolves this issue 1 128 neon 1 128 1 RHSA 2009 1452 Moderate security update Important This update has already been released prior to the GA of this release as the security errata RHSA 2009 1452 1488 Updated neon packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5 This update has been rated as having moderate security impact by...

Page 186: ...h uses SNMP and a Tk Perl MIB browser These updated net snmp packages provide fixes for the following bugs snmpd the SNMP daemon did not expect the packet counters in the proc net snmp and proc net snmp6 directories to be 64 bit on 64 bit systems When these counters exceeded 32 bits in size which would occur when the Linux kernel sent or received greater than 4 294 967 296 2 32 packets then the sn...

Page 187: ... mteEventSetTable and ipAddressPrefixTable objects These slow memory leaks could have caused problems on machines with multi month uptimes These memory leaks have been plugged in these updated packages BZ 518633 1497 BZ 515650 1498 this update ensures that the snmpd daemon is able to process and respond to broadcast UDP requests BZ 521175 1499 header files contained within the net snmp devel packa...

Page 188: ... networking tools including ifconfig netstat route and others This updated net tools package includes fixes for the following bugs the OPTIONS section of the arp man page includes documentation for the s switch used to manually create ARP address mapping entries Entries supplied with this switch are permanently stored in the ARP cache if the temp flag is not specified and the original English man ...

Page 189: ...sues are now available for Red Hat Enterprise Linux 5 This update has been rated as having moderate security impact by the Red Hat Security Response Team NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times A missing network certificate verification flaw was found in NetworkManager If a user created a WPA Enterprise or 802 1x wir...

Page 190: ...was caused by a coding error which has been fixed in this update thus correctly permitting 63 character passkeys BZ 532723 1516 NetworkManager failed to initialize certain Option NV mobile broadband 3G devices Much improved support has been added for newer mobile broadband devices manufactured by Option NV such as AT T Quicksilver modems BZ 536897 1517 All users of NetworkManager are advised to up...

Page 191: ... provide fixes for the following bugs the whiptail 1 man page was missing from the newt package and is now included BZ 456307 1521 newt did not recognize the escape sequence E Z as the Shift Tab key combination on VT320 terminals and incorrectly interpreted it as Escape With these updated packages newt correctly interprets E Z as Shift Tab BZ 468046 1522 All users of newt are advised to upgrade to...

Page 192: ...ts work correctly BZ 435838 1525 BZ 455218 1526 When the previous version of the nspluginwrapper package was used with Adobe Flash 10 and Firefox was run from the terminal window critical error messages would present in the terminal even though the software worked as expected The error messages do not appear in the terminal window with this latest upgrade BZ 466547 1527 If the umask of the user th...

Page 193: ...which allows applications to look up information about users and groups using a directory server The pam_ldap module is a Pluggable Authentication Module PAM which provides for authentication authorization and password changing against LDAP servers This package addresses the following bugs The nss_ldap package did not support case sensitive text This could cause group membership not to be matched ...

Page 194: ...le Non Uniform Memory Access NUMA policy support It consists of a numactl program to run other programs with a specific NUMA policy and a libnuma to do allocations with NUMA policy in applications This updated package addresses the following issue libvirt tools reported unnecessary warning messages to stderror during execution This caused problems with scripts calling these tools Those warning mes...

Page 195: ... Crypto Express2 FC 0863 or FC 0870 on IBM System z the IBM CP Assist for Cryptographic Function FC 3863 on IBM System z These updated openCryptoki packages provide fixes for the following bugs after initializing a hardware cryptographic token attempting to unwrap an AES key failed and caused openCryptoki to return a CKR_TEMPLATE_INCOMPLETE error code With this update AES key unwrapping now succee...

Page 196: ...ation Interface Specification OpenAIS is an API and a set of policies for developing applications that maintain service during faults The OpenAIS Standards Based Cluster Framework is an OSI certified implementation of the Service Availability Forum AIS The openais packages contain the openais executive openais service handlers default configuration files and init script This update addresses the f...

Page 197: ...nfiguration BZ 544682 1558 Resolve a defect where an internal totem operating flag is not set properly BZ 545151 1559 Resolve a defect where an invalid assertion in single node operation can trigger an assertion BZ 547828 1560 Resolve a defect where the IPC limit was 477k instead of 1MB as it should be BZ 515590 1561 Resolve a defect where IPC would indicate the outbound ipc queue was empty when t...

Page 198: ... services from using them Because the xinetd service is started by default the update resulted in a new xinetd daemon running on systems after OpenIPMI was updated This daemon is not necessary for OpenIPMI operation This update removes the dependency on xinetd but leaves the dummy rmcp service configuration file in place BZ 527474 1565 All OpenIPMI users are advised to upgrade to these updated pac...

Page 199: ...ed a configuration file etc xinetd d rmcp for a dummy rmcp service and introduced an xinetd service dependency to bind UDP ports 623 and 664 and prevent other services from using them Because the xinetd service is started by default the update resulted in a new xinetd daemon running on systems after OpenIPMI was updated This daemon is not necessary for OpenIPMI operation This update removes the de...

Page 200: ...ated packages and allreduce functions as expected BZ 555159 1582 a pseudo requirement has been added to the libibverbs package so that it will automatically pull in the various libibverbs driver packages when using yum to install libibverbs BZ 559789 1583 Libmlx4 was missing device IDs that were present in the Red Hat Enterprise Linux kernel The missing device IDs have now been added to libmlx4 Th...

Page 201: ...OpenLDAP library code to resolve this issue BZ 510522 1589 when slapd was configured to allow client certificates approximately 90 of connections froze because of a large CA certificate file and slapd not checking the success of the SSL handshake BZ 509230 1590 the OpenLDAP server would freeze for unknown reasons under high load These packages add support for accepting incoming connections by new ...

Page 202: ...n in etc sysconfig ldap BZ 452064 1600 the migrate_passwd pl migration script had a problem when number fields contained only a zero Such fields were considered to be empty leading to the attribute not being set in the LDIF output The condition in dump_shadow_attributes has been corrected to allow for the attributes to contain only a zero BZ 113857 1601 the migrate_base pl migration script did not...

Page 203: ...pdate OpenOffice org is a multi platform office productivity suite It includes the key desktop applications such as a word processor spreadsheet presentation manager formula editor and drawing program with a user interface and feature set similar to other office suites Sophisticated and flexible OpenOffice org also works transparently with a variety of file formats including Microsoft Office These...

Page 204: ...e version 1 4 was installed This occurred because the ANT scripts used to build some of the components were not configured to generate version 1 4 compatible bytecode upon which OpenOffice org is dependent This bug has since been fixed by enforcing RPMs to be built with the GNU Compiler for Java GCJ or the Eclipse Compiler for Java EJC GJC specific options have been omitted as these are not recogn...

Page 205: ...ted openssh packages fix the following bug when sshd the SSH daemon used multiple SFTP channels simultaneously each SFTP cthannel leaked a UNIX socket This leak could eventually cause sshd to consume large amounts of system resources This update fixes the leak by ensuring that every SFTP channel closes the UNIX socket with the result that using SFTP with multiple simultaneous channels does not cau...

Page 206: ...vileges and run commands as any system user CVE 2009 2904 1626 All OpenSSH users are advised to upgrade to these updated packages which contain a backported patch to resolve this issue After installing this update the OpenSSH server daemon sshd will be restarted automatically 1 144 4 RHBA 2010 0193 bug fix update Updated openssh packages that fix various bugs and add an enhancement are now availab...

Page 207: ...g the OpenSSL library to crash or possibly execute arbitrary code CVE 2009 3245 1631 A flaw was found in the way the TLS SSL Transport Layer Security Secure Sockets Layer protocols handled session renegotiation A man in the middle attacker could use this flaw to prefix arbitrary plain text to a client s session for example an HTTPS connection to a website This could force the server to process an ...

Page 208: ...on which would cause a memory leak for each subsequent SSL connection This flaw could cause server applications that call those functions during reload such as a combination of the Apache HTTP Server mod_ssl PHP and cURL to consume all available memory resulting in a denial of service CVE 2009 4355 1636 Dan Kaminsky found that browsers could accept certificates with MD2 hash signatures even though...

Page 209: ...onger logs it in any fashion BZ 557688 1639 All openswan users are advised to upgrade to these updated packages which resolve this issue 1 146 2 RHBA 2009 1612 bug fix update Note This update has already been released prior to the GA of this release as errata RHBA 2009 1612 1640 Updated openswan packages that fix an issue and enable Openswan to pass the TAHI test suite for HMAC SHA1 96 support are...

Page 210: ...eby resulting in more graceful error reporting for the presence of NULL symbols rather than a segmentation fault BZ 450642 1642 OProfile now supports Nehalem EP processor performance events BZ 498619 1643 When the OProfile daemon started on the Itanium architecture it created children processes to run perfmon however those children processes did not properly close file descriptors for stdin stdout...

Page 211: ...ll pam users are advised to upgrade to these updated packages which resolve this issue 1 149 pam_krb5 1 149 1 RHSA 2010 0258 Low security and bug fix update Updated pam_krb5 packages that fix one security issue and various bugs are now available for Red Hat Enterprise Linux 5 The Red Hat Security Response Team has rated this update as having low security impact A Common Vulnerability Scoring Syste...

Page 212: ...xes a word wrap bug associated with paps use as the CUPS text filter is now available Paps reads UTF 8 encoded text files and renders them to a PostScript file It uses the pango library to create the outline curves The paps package also includes the libpaps library which simplifies PostScript rendering for any pango based applications for example programs that use the GTK widget toolkit As well pa...

Page 213: ...t recognizes on the partitions on the disk When parted was invoked on a dasd disk and one of the partitions on the disk did not contain a filesystem such as for example a partition which is a lvm physical volume then parted would crash due to a NULL pointer dereference Parted now no longer crashes under these circumstances BZ 563266 1656 All parted users should install the updated package which re...

Page 214: ...s H1 and H2 that did not work as documented The H1 switch was listed as allowing direct hardware access via Intel configuration mechanism 1 and the H2 switch as setting PCILIB to use mechanism 2 In the previous pciutils release however using either switch on AMD64 or Intel 64 architectures resulted in an invalid option H error Note the switches worked as expected on 32 bit x86 architectures This e...

Page 215: ...okupByPath did not contain Perl bindings As a result these storage functions were unavailable when using Perl based tools for virtual machine management This update adds the missing calls to the Perl API and Perl based management of virtual machines is now possible BZ 519647 1662 the message subroutine of Error pm returned an error code instead of an error message As a consequence error conditions...

Page 216: ...lowing bug fixes UTF 8 would not be represented correctly by the perl XML SAX parser because the Unicode version of XML SAX PurePerl Reader switch_encoding_string used Encode from_to that did not set the Perl internal UTF 8 flag This bug has been corrected by replacing the use of Encode from_to with the use of Encode decode BZ 475250 1667 When upgrading to Red Hat Enterprise Linux 5 a later versio...

Page 217: ...expect as a supported package included no changes at all and as a consequence did not obsolete the EPEL version To ensure the supported package properly obsoletes the EPEL package the Release value for this package was incremented BZ 481380 1672 previously the shebang lines in pexpect s python executables pointed to usr bin env python rather than explicitly referencing the version of Python instal...

Page 218: ...ertificate during a man in the middle attack and potentially confuse PHP into accepting it by mistake CVE 2009 3291 1679 It was discovered that PHP s htmlspecialchars function did not properly recognize partial multi byte sequences for some multi byte encodings sending them to output without them being escaped An attacker could use this flaw to perform a cross site scripting attack CVE 2009 4142 1...

Page 219: ...hitectures The user needed to manually edit the php ini file to be able to start Apache The default value has been increased to 128M and Apache now starts as expected on 64 bit hardware BZ 517604 1689 when attempting to build Zarafa a syntax error caused the build to fail Extraneous keystrokes were removed and Zarafa now builds as expected BZ 530824 1690 the PHP package has been updated to include...

Page 220: ...es various tools to administer and configure the Linux Virtual Server LVS as well as the heartbeat and failover components LVS is a dynamically adjusted kernel routing mechanism that provides load balancing primarily for Web and FTP servers This update fixes the following bugs Stopping pulse service does not stop service monitors In this updated package pulse will stop all service monitors BZ 5222...

Page 221: ...ing to the Red Hat Enterprise Linux 5 3 release pirut began showing the epoch number as the first characters in the package group details list With this update package lists are once again sorted correctly BZ 478834 1703 the pup graphical package manager application used an incorrectly sized icon BZ 436193 1704 All users of pirut are advised to upgrade to this updated package which resolves these ...

Page 222: ...portant security and bug fix update Important This update has already been released prior to the GA of this release as the security errata RHSA 2009 1504 1709 Updated poppler packages that fix multiple security issues and a bug are now available for Red Hat Enterprise Linux 5 This update has been rated as having important security impact by the Red Hat Security Response Team Poppler is a Portable ...

Page 223: ...malicious code that would later execute with superuser privileges CVE 2009 3230 1717 A flaw was found in the way PostgreSQL handled encoding conversion A remote authenticated user could trigger an encoding conversion failure possibly leading to a temporary denial of service Note To exploit this issue a locale and client encoding for which specific messages fail to translate must be selected the av...

Page 224: ...g lsdevinfo on an IBM POWER6 machine with a Virtual Fibre Channel resulted in incorrect errors and an incorrect device name being displayed These updated packages make sure only necessary error messages are printed and that the correct device name is shown BZ 565518 172517241723 As well these updated packages add the following enhancements CLI and CIM support has been added for end to end virtual ...

Page 225: ... modified to account for longer figures pertaining to memory statistics With these wider fields the columns and their headers are now correctly aligned BZ 484789 1733 The ps command would occasionally throw a double free corruption error This would cause the software to die unexpectedly This has been fixed by adding a test that looks for zero at the end of a process As a result ps no longer aborts...

Page 226: ...owing bugs The anaconda installation system would crash when attempting to write guest installation files to a iscsi connected host This was because pykickstart did not specify an iscsi port for use in the installation This behaviour has been corrected and pykickstart now specifies a default iscsi port BZ 547678 1742 The update which enabled the hvargs boot option in pykickstart see BZ 547877 1744...

Page 227: ...o a virt image cow qcow and qcow2 are now listed BZ 506927 1752 virt install would fail when re installing a virtual system using an img file that had been moved or deleted instead of re creating the guest image The error was found to be spurious characters in the image paths Code has been corrected in python virtinst to prevent this error BZ 511925 1753 By default virtual disks are not opened wit...

Page 228: ... an adds the 0_DSYNC flag to python virtinst to manage nonsparse disk reading BZ 558855 1760 Previously a patch was added to virtinst to avoid non sparse volume creation because libvirt did not drop the pool lock while allocating However the libvirt version in this release does not have this issue The patch has been removed and virt install no longer ignores nonsparse when creating an image inside...

Page 229: ...ng on the KVM hypervisor or on Red Hat Enterprise Virtualization Hypervisors These updated packages fix the following bugs the SPICE server uses a heuristic method for detecting video streams Some sites however send two video frame pixmaps the actual size of the frame and a variant that measures from the top left of the web page presenting the frame to the bottom right of the video frame Receiving...

Page 230: ...ssed initial screen image In low bandwidth conditions this resulted in a long period of apparent inactivity with the client presenting an unusable black screen The SPICE server now compresses the initial screen image greatly reducing initialization time BZ 521488 1771 if configured with SSL previously a SPICE client would open SSL with DEFLATE compression and the server would accept the compressio...

Page 231: ...qspice packages which resolve the above issues 1 171 readahead 1 171 1 RHBA 2010 0005 bug fix update Note This update has already been released prior to the GA of this release as FASTRACK errata RHBA 2010 0005 1783 An updated readahead package that fixes a bug is now available readahead reads the contents of a list of files into memory which causes them to be read from cache when they are actually...

Page 232: ...nly be included in the redhat logos package For this update these trademarked images were removed from redhat artwork When a Red Hat trademarked image is displayed such images are always assumed to be in directories below usr share other than usr share apps so this removal also has no effect on functionality BZ 485978 17881787 Users should upgrade to this updated package which resolves these issue...

Page 233: ...g the path attribute in cluster conf has been fixed Red Hat Resource Group Manager users are advised to upgrade to these updated packages which address this issue 1 175 2 RHBA 2009 1521 bug fix update Note This update has already been released prior to the GA of this release as errata RHBA 2009 1521 1790 Updated rgmanager packages that fix two bugs are available The rgmanager packages contain the ...

Page 234: ...t of system downtime This update addresses the following bugs failed virtual machine migrations are handled more correctly BZ 499835 1793 clustered file systems are no longer unmounted after a configuration change BZ 506094 1794 clustat s output is now consistent when given bad input BZ 506346 1795 the force_unmount flag now works correctly when used with HA LVM BZ 514040 1796 path support for Xen...

Page 235: ...ed BZ 557167 1815 This update also includes the following enhancements more debugging information has been added to tmp rgmanager dump BZ 512052 1816 path support emulation has been added for KVM virtual machines BZ 545916 1817 vm sh now provides more meaningful error reports BZ 529926 1818 1801 https bugzilla redhat com bugzilla show_bug cgi id 530409 1802 https bugzilla redhat com bugzilla show_...

Page 236: ...g in the provisioned virtualized system consuming a physical system entitlement The fix for the problem contains a new method of detecting a virtualizaton guest when dbus and hal services are not running BZ 495680 1825 do not limit the output from rhnreg_ks utility only to a console This makes it possible for redirection of the output from rhnreg_ks to a file or a pipe BZ 503146 1826 fix typo erro...

Page 237: ...hnlib is a collection of Python modules used by the Red Hat Network RHN software This updated package addresses the following bugs When attempting to download multiple packages during satellite sync the download will fail after the first redirect to the content provider BZ 564299 1837 This update also provides the following enhancement rhnlib was rebased to version 2 5 22 the latest stable release...

Page 238: ...umstances this inconsistency led to update failures With this update both rhnsd and osad now return an equivalent env to rhn_check and actions executed either by pulling rhnsd or pushing ocad both work as expected BZ 503738 1840 All RHN or RHN Satellite users should install this updated package which fixes this bug 1 179 rhpxl 1 179 1 RHBA 2010 0318 bug fix update An updated rhpxl package that fix...

Page 239: ...emon would stop logging when messages were being discarded or if TCP connections were being rejected This also caused some applications to fail The configuration details were updated and local messages now continue being logged even when remote messages are queued BZ 519201 1844 BZ 519203 1845 These rebased packages also provide the following enhancements rsyslog can now handle a greater number of...

Page 240: ...ade to these updated packages which resolve this issue 1 182 samba 1 182 1 RHBA 2009 1641 bug fix update Note This update has already been released prior to the GA of this release as errata RHBA 2009 1641 1853 Updated samba packages that fix credentials file handling for mount cifs are now available for Red Hat Enterprise Linux 5 Samba is a suite of programs used by machines to share files printer...

Page 241: ...8 1856 A flaw was discovered in the way Samba handled users without a home directory set in the back end password database e g etc passwd If a share for the home directory of such a user was created e g using the automated homes share any user able to access that share could see the whole file system possibly bypassing intended access restrictions CVE 2009 2813 1857 The mount cifs program printed ...

Page 242: ...r SMB_O_TRUNC flags As a result Samba would respond with STATUS_INVALID_PARAMETER to any of these flags instead of honoring the call Samba now recognizes these flags and honors POSIX open calls that use them BZ 522866 1869 when setting the allow trusted domain no parameter on a Samba server it would not have any effect on the configuration and Samba would still attempt to contact trusted domains B...

Page 243: ...OWNER access must be requested when the file is opened When dos_filemode was enabled these requests were not sent so the access control list for a writeable file could not be changed WRITE_DAC and WRITE_OWNER access are now requested when dos_filemode is enabled so the access control list can be modified BZ 537165 1875 samba3x was previously available only for AMD64 and Intel 64 architectures It i...

Page 244: ...rface standard This package provides a set of core providers and development tools for systems management applications These packages address the following bugs The libraries installed with sblim cmpi base were assigned incorrect permissions This meant that any user outside of a specific group could not read the packages forcing the check for the SBLIM Base in sblim sfcb to fail To fix this bug wh...

Page 245: ...y allows multiple logins on a single terminal Screen is useful for users who telnet into a machine or are connected via a dumb terminal but want to use more than one login This updated package resolves the following issue in the previous screen release utempter support was disabled The utempter library provides an interface for terminal emulators such as screen and xterm to record user sessions to...

Page 246: ...n open connection to a target which has ongoing I O caused the tgtadm utility to segmentation fault Subsequently attempting to stop the tgtd daemon by running service tgtd stop failed and resulted in error messages With this update it is now possible to use tgtadm to close and remove an open connection to a target which is undergoing I O without causing tgtadm to crash and subsequently stopping or...

Page 247: ...veral bugs are now available The selinux policy packages contain the rules that govern how confined processes run on the system These updated selinux policy packages provide fixes for the following bugs the setkey utility from the ipsec tools package manipulates and dumps the kernel s Security Policy Database SPD entries and Security Association Database SAD entries The current selinux policy did ...

Page 248: ...licy packages provide the fix for the following bug selinux policy errata update RHBA 2010 0013 introduced a regression which prevented postfix driven systems from sending e mail using sendmail if SELinux was in enforcing mode With this update postfix_postdrop can read and write sendmail unix_stream_sockets correcting the regression and allowing e mails to be sent using sendmail BZ 555793 1904 Not...

Page 249: ...s unexpected behavior The sqlplus command functions normally after applying this update BZ 512375 1912 Users operating in the sysadm SELinux role can now use the setkey utility from the ipsec tools package BZ 513447 1913 A transition rule has been added to SELinux policy that allows vbetool the permissions it needs to operate normally BZ 515491 1914 When setkey was executed from a network startup ...

Page 250: ...ng udev BZ 526640 1925 SELinux policy has been modified to not trigger an error when the virDomainSave API is called from qemu kvm BZ 530552 1926 procmail was causing an AVC denial when attempting to read files used by spamassassin Rules have been added to policy so that these applications can communicate normally via pipes BZ 530750 1927 The ability to send and receive unlabeled packets was added...

Page 251: ...ng to libraries and storing the linking in the executable prelink is now allowed under SELinux policy to load and execute functions from shared libraries with legacy support included for older libraries BZ 551664 1942 qemu kvm caused SELinux errors when creating or starting a virtual machine when Transport Layer Security TLS is enabled in qemu conf for an environment using a Public Key Infrastruct...

Page 252: ...or Red Hat Enterprise Linux 5 The Red Hat Security Response Team has rated this update as having low security impact Common Vulnerability Scoring System CVSS base scores which give detailed severity ratings are available for each vulnerability from the CVE links in the References section Sendmail is a very widely used Mail Transport Agent MTA MTAs deliver mail from one machine to another Sendmail ...

Page 253: ...s When used on AMD64 and Intel 64 systems identifiers could be negative numbers outside the valid range of 500 to 60 000 The newusers utility now checks the range of generated UIDs and GIDs so that they do not appear outside the valid range BZ 306241 1961 the newusers utility failed if a specified parent directory did not exist The error message mkdir failed did not detail the cause of the failure...

Page 254: ...p the log was read sequentially to print in UID order This was unnecessary and caused long print times The faillog utility has been updated to print without ordering and printing now completes in an acceptable time BZ 473054 1968 the grpconv utility converts shadow passwords and groups The utility was not checking whether duplicate group entries existed in the etc group directory Running the utili...

Page 255: ... continue to grow together for several more seconds A new more reliable progress indication system has been added As a result the progress indication will be reliable from now on BZ 502442 1974 SOS would erroneously report that one or more nfs export do not have a fsid attribute set even if the fsid had been specified in the fs resource This was due to an omission in the cluster py file which was ...

Page 256: ...isk device print tune2fs l filesystem etc inittab service service name status etc inittab etc kdump conf sbin mdadm D dev md etc lvm proc buddyinfo As a result a much broader variety of reports are displayed for a number of different aspects of the system making troubleshooting easier BZ 453151 1981 BZ 517028 1982 BZ 429398 1983 SOS was not gathering dmraid information which can be extremely usefu...

Page 257: ...dhat release was corrupted or missing it was impossible for support to confirm which version of Red Hat Enterprise Linux was in use lsb release provides a useful fallback A plug in has been added to SOS to gather a large amount of data provided by the lsb_release command and in associated etc files It also outputs a message informing the user if etc redhat release is missing By reporting this info...

Page 258: ...ckage that fixes two security issues and several bugs is now available for Red Hat Enterprise Linux 5 The Red Hat Security Response Team has rated this update as having low security impact Common Vulnerability Scoring System CVSS base scores which give detailed severity ratings are available for each vulnerability from the CVE links in the References section Squid is a high performance proxy cachi...

Page 259: ...1490 Moderate security update Important This update has already been released prior to the GA of this release as the security errata RHSA 2009 1490 2005 An updated squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 3 4 and 5 This update has been rated as having moderate security impact by the Red Hat Security Response Team SquirrelMail is a standa...

Page 260: ...lready been released prior to the GA of this release as errata RHBA 2010 0047 2009 An updated strace package that fixes a bug when tracing a program that blocks the SIGTRAP signal is now available The strace program intercepts and records the system calls called and received by a running process Strace can print a record of each system call its arguments and its return value This updated strace pa...

Page 261: ...o a process while said process was executing the execve system call With this update strace now reliably detects this post execve trap and consequently avoids the race condition BZ 564364 2014 1 195 sudo 1 195 1 RHSA 2010 0122 Important security update Important This update has already been released prior to the GA of this release as the security errata RHSA 2010 0122 2015 An updated sudo package ...

Page 262: ...asic Latin alphabetical characters BZ 512191 2019 the variable used for iterating wildcards such as and was being freed incorrectly As a consequence situations where a single file with a long file name was the only wildcard match would result in an error restricting access The sudo utility now correctly frees the glob iterator and long file names work as expected with wildcard characters BZ 521778...

Page 263: ... world readable The man page has been updated with the correct information BZ 460232 2026 the S option was added to sysklogd 1 4 1 40 however this option is not displayed in the SYNOPSIS section of the sysklogd man page This has the potential to mislead users who use the man page for help The S option has now been added to the SYNOPSIS section of the sysklogd man page BZ 471174 2027 when syslogd w...

Page 264: ...node name BZ 352631 2032 system config cluster says fence_apc s switch option must be provided but it s optional BZ 436939 2033 system config cluster and poorly formed xml error for vm resource BZ 474155 2034 system config cluster xml errors with _independent_subtree BZ 476260 2035 system config cluster parses glade widget values incorrectly BZ 493996 2036 system config cluster failed to create pr...

Page 265: ...e the combo box pop up menu has been corrected to enable the display of any UTF 8 character In the affected locales the Create New Logical Volume window now appears and works as expected BZ 537022 2041 All system config lvm users are advised to upgrade to this updated package which resolves this issue 1 198 2 RHBA 2010 0267 bug fix update Updated system config lvm packages that fix several bugs ar...

Page 266: ...config lvm used extents as a default unit size for volumes In these updated package system config lvm uses MB GB or TB depending on the size of volume BZ 217752 2052 Users are advised to upgrade to these updated system config lvm packages which resolve these issues 1 199 system config securitylevel 1 199 1 RHBA 2009 1656 bug fix update Note This update has already been released prior to the GA of ...

Page 267: ...nux If system config securitylevel tui was only run by the root user this error did not present BZ 532948 2056 All users are advised to upgrade to these updated packages which resolve these issues 1 200 system config services 1 200 1 RHBA 2010 0275 bug fix update An updated system config services package that fixes several bugs is now available system config services is a utility which allows you ...

Page 268: ...available SystemTap is an instrumentation system for systems running the Linux kernel version 2 6 Developers can write scripts to collect data on the operation of the system This update addresses the following issue abnormal shutdowns triggered at the same time as probe startups triggered a race condition and consequent kernel panics when multiple systemtap commands ran simultaneously The probe se...

Page 269: ...led and installed by root users in the stapusr group would also be able to execute it SystemTap users should upgrade to these updated packages which contain backported patches to correct these issues 1 201 3 RHBA 2010 0308 bug fix and enhancement update SystemTap provides an instrumentation infrastructure for systems running the Linux 2 6 kernel It allows users to write scripts that probe and trac...

Page 270: ...sing SIGKILL on the stap process will not terminate its child process stapio As such users may not be aware that a SystemTap module is still probing the system which will result in performance degradation This update adds a note in man stap warning users of this behavior BZ 523356 2077 Previous updates to SystemTap changed the order of parameters in the output of stap This could cause problems in ...

Page 271: ... updated tar package that fixes two security issues is now available for Red Hat Enterprise Linux 4 and 5 This update has been rated as having moderate security impact by the Red Hat Security Response Team The GNU tar program saves many files together in one archive and can restore individual files or all of the files from that archive A heap based buffer overflow flaw was found in the way tar exp...

Page 272: ... files from a tar archive when using the no wildcards flag to disable wildcard character interpretation did not work as expected wildcard characters such as and still affected file name matches With this update the no wildcards flag correctly disables wildcard syntax so that file names are matched literally BZ 510714 2092 creating a tar archive which contained one or more directories with default ...

Page 273: ...f tasks It covers the spectrum of project management tasks from first idea to completion of the project and assists you during project scoping resource assignment cost and revenue planning and risk and communication management This updated taskjuggler package includes fixes for the following bugs building TaskJuggler using the source RPM could fail on a multicore machine due to a timing problem wi...

Page 274: ...return an Invalid adapter index error tcpdump now explicitly checks for the last entry in the device list If the n specified is higher than this entry it returns Invalid adapter index as expected and does not crash BZ 497819 2103 All tcpdump users should upgrade to these updated packages which resolve these issues 1 205 tcsh 1 205 1 RHBA 2009 1494 bug fix update Note This update has already been r...

Page 275: ...h glob handling so that characters in single or double quoted string arguments are handled correctly and as expected BZ 547529 2107 All users of tcsh are advised to upgrade to this updated package which resolves this issue 1 205 3 RHBA 2010 0190 bug fix update An updated tcsh package that fixes various bugs is now available Tcsh is an enhanced and compatible version of the C shell csh Tcsh is a co...

Page 276: ...f multiple filename globs failed if any glob in a command line expression failed The correct behavior outlines that a glob command should only fail if all components of the command fail This behavior is restored with this updated package BZ 529703 2114 All users of tcsh are advised to upgrade to this updated package which resolves these issues 1 206 tog pegasus 1 206 1 RHEA 2010 0233 enhancement u...

Page 277: ... was unable to create a partition if the new partition s starting cylinder was beyond one terabyte With this update the pertinent value is now an unsigned long and fdisk can create partitions with starting cylinders beyond 1 terabyte as expected BZ 471372 2118 util linux users should upgrade to these updated packages which resolve this issue 1 208 valgrind 1 208 1 RHBA 2010 0272 bug fix and enhanc...

Page 278: ...ng bugs although vconfig contains ELF objects the vconfig debuginfo package was empty With this update the debuginfo package contains valid debugging information as expected BZ 500635 2124 the previous vconfig release installed a CVS directory and related metadata to usr share doc vconfig 1 9 contrib They have been removed with this update Note this was a cosmetic issue only The files did nothing ...

Page 279: ...ed after adding 19 volumes to the storage pool BZ 508357 2129 various virt manager menus and menu items did not have keyboard shortcuts BZ 509746 2130 paused virtualized guests could be sent keys using the Send Key options which could make paused virtualized guests shut down or restart The Send Key menu is now disabled if a virtualized guest is paused BZ 509808 2131 setting the Autoconnect option ...

Page 280: ...already been released prior to the GA of this release as errata RHBA 2009 1684 2140 An updated vixie cron package that fixes a bug that prevented pam variables being set with cron jobs is now available The vixie cron package contains the Vixie version of cron Cron is a standard UNIX daemon that runs specified programs at scheduled times The vixie cron package adds improved security and more powerf...

Page 281: ...y thus enabling them to match file names as expected BZ 544278 2143 All users of vsftpd are advised to upgrade to this updated package which resolves this issue 1 214 wdaemon 1 214 1 RHEA 2010 0326 enhancement update An enhanced wdaemon package that adds an enhancement is now available wdaemon is a helper application which emulates persistent input devices for Wacom tablets allowing them to be plu...

Page 282: ...now available wpa_supplicant is a WPA Supplicant for Linux BSD and Windows with support for WPA and WPA2 IEEE 802 11i RSN Supplicant is the IEEE 802 1X WPA component that is used in the client stations It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802 11 authentication association of the wlan driver the wpa supplicant package would enter a loop when us...

Page 283: ... machines on top of a host operating system These updated xen packages fix the following bug following a guest shutdown attempting to recreate that guest may have failed due to timing issues which caused the xend daemon to think that the guest name was still in use even though it was not Also the xm list command correctly did not show the name of the guest which had shut down As a temporary workar...

Page 284: ...ertain kernels failed with a Function not implemented error message As a result users requiring PCI pass through on para virtualized guests were not able to update the xen packages without also updating the kernel and thus requiring a reboot These updated packages enable PCI pass through for para virtualized guests so that users do not need to upgrade the kernel in order to take advantage of PCI p...

Page 285: ... equal to the maximum available memory value the following error message would appear Error 1 Internal error Could not allocate memory for HVM guest n 16 Device or resource busy This issue has been resolved by improving the memory balloon driver to correctly allocate memory for fully virtualized guests and fully virtualized guests using the Intel VT d extensions for PCI passthrough BZ 512041 2158 ...

Page 286: ...ry leaks in the libxc and the libxenstore libraries are fixed in the updated package and the libraries memory usage should remain steady BZ 524308 2169 A guest name conflict caused a running guest to appear shut down after restarting the guest This issue is resolved in the updated package and running guest do not erroneously report that they are shut down BZ 529880 2170 The xm dump core command co...

Page 287: ...ges which resolve these issues and add these enhancements 1 218 xerces j2 1 218 1 RHSA 2009 1615 Moderate security update Important This update has already been released prior to the GA of this release as the security errata RHSA 2009 1615 2185 Updated xerces j2 packages that fix a security issue are now available for Red Hat Enterprise Linux 5 This update has been rated as having moderate securit...

Page 288: ... xmlsec1 An attacker could use this flaw to create a specially crafted XML file that forges an XML signature allowing the attacker to bypass authentication that is based on the XML Signature specification CVE 2009 0217 2188 Users of xmlsec1 should upgrade to these updated packages which contain a backported patch to correct this issue After installing the updated packages applications that use the...

Page 289: ... error upon moving the mouse crashing the X server BZ 371151 2190 the release string in the spec file for the packages has changed from dist to dist BZ 548008 2191 All users of this package are advised to upgrade to these updated packages which resolve these issues 1 223 xorg x11 drv fbdev 1 223 1 RHBA 2010 0203 bug fix and enhancement update An updated xorg x11 drv fbdev package that fixes a bug ...

Page 290: ...iled After attempting the switch the screen may have blanked and gone out of sync With this update this issue has been resolved BZ 511896 2194 Additionally these updated packages provide the following enhancements 2D support for the integrated graphics device found in Intel Core i3 Core i5 and Core i7 processors BZ 517356 2195 support for the integrated graphics in the Intel B43 chipset BZ 525276 ...

Page 291: ...web pages eg http adorama com With this update explicit 512 pixel limits have been placed on offscreen Pixmap width and height Consequently xorg x11 drv nv no longer causes X to crash when Firefox 3 5 loads the specified pages BZ 498500 2199 This update also adds the following enhancements previously the NVIDIA cards that used the Quadro FX 770M GPU were driven as generic VESA compliant video card...

Page 292: ...gion Accelerated operations then delete this region and whenever new damage appears it is unioned onto the to_be_sent region which is then submitted at BlockHandler time BZ 544781 2205 This modification also resolves the following Scrolling through a document with the mouse wheel in OpenOffice 3 1 1 would cause corruption of the displayed document text BZ 552181 2206 In Red Hat Enterprise Linux 5 ...

Page 293: ...1 drv vesa is a video driver for the X Org implementation of the X Window System It is used as a fallback driver for cards with no native driver or when the native driver does not work On Dell Precision M09 family laptops using nVidia Quadro FX 770M video drivers DPMS backlight power saving modes did not function correctly The backlight would remain on when the laptop screen was closed significant...

Page 294: ...esa the X server ceased support for Pluggable Authentication Modules PAM Support for PAM was added back to the package and PAM can now be used as expected BZ 486120 2217 a patch had been added to the xorg x11 server package which was going to cause compatibility issues between the xorg x11 server package and proposed NVIDIA drivers The randr disabled fb patch was removed and the package should now...

Page 295: ...dy been released prior to the GA of this release as FASTRACK errata RHBA 2009 1653 2227 An updated xorg x11 xdm package that fixes a bug is now available xorg x11 xdm provides a legacy display login manager for the X Window System This updated xorg x11 xdm package fixes the following bug the xorg x11 xdm package contained two PAM Pluggable Authentication Modules configuration files xdm and xserver...

Page 296: ...ously the ybin binary returned exit code 1 even if there was no error message on output ybin returned exit code 0 if ybin verbose was run with the same config file With this update ybin now returns exit code 0 when there is no output error message as expected BZ 515778 2231 This update also adds the following enhancement the initrd chunksize was reduced for this update This change allows yaboot to...

Page 297: ...hat can check for and automatically download and install updated RPM packages Dependencies are obtained and downloaded automatically prompting the user for permission as necessary Bugs fixed in these updated packages include fix bugtracker URL BZ 528738 2235 fix return code error during yum reinstall BZ 528746 2236 remove slow edge case from compare_providers BZ 529233 2237 add base package name c...

Page 298: ...rovided by RHN RHN Satellite BZ 509342 2244 disable yum repositories provided by RHN RHN Satellite in case etc sysconfig rhn systemid was removed BZ 514467 2245 require recent version of rhn client tools package to avoid a traceback when invoking yum clean all command BZ 515575 correctly rollback to older version of a package in scenarios where the package was split in later versions BZ 524237 cor...

Page 299: ...annot be installed simultaneously Because they share common files rpm the Red Hat Enterprise Linux package manager will prevent an installation of FreeRADIUS 2 x if FreeRADIUS 1 x is already installed To install freeradius2 on a system with freeradius currently installed freeradius must first be uninstalled See the solution section below for details Users wanting to take advantage of the enhanceme...

Page 300: ...re required by the iwlagn driver in order to support the Intel Wireless WiFi Link 1000BGN series adapter on Red Hat Enterprise Linux BZ 519223 4 Users of the iwlagn driver are advised to install this new package which provides this enhancement 2 5 RHEA 2010 0220 iwl6000 firmware A new iwl6000 firmware package that works with the iwlagn driver in the latest Red Hat Enterprise Linux kernels to enabl...

Page 301: ...le it is possible to install both i386 and ia64 packages these contain conflicting files and using the both architectures together may lead to unpredictable results The i386 version is unsupported as the Itanium version of gcc cannot compile code executable using the IA32 emulation capability BZ 489479 6 while postgresql84 packages are provided rebuilding other packages with this new version is no...

Page 302: ...ld install this new package 2 9 RHEA 2010 0189 xz A new package xz which provides user space tools for compressing and decompressing files with the LZMA algorithm is now available XZ Utils is an integrated collection of user space file compression utilities based on the Lempel Ziv Markov chain Algorithm LZMA compression algorithm LZMA is a general purpose compression algorithm designed by Igor Pav...

Page 303: ...e system is provided by the ext4dev ko kernel module and a new e4fsprogs package which contains updated versions of the familiar e2fsprogs administrative tools for use with ext4 To use install e4fsprogs and then use commands like mkfs ext4dev from the e4fsprogs program to create an ext4 base file system When referring to the filesystem on a mount commandline or fstab file use the filesystem name e...

Page 304: ...eCryptfs kernel driver requires updated userspace which is provided by ecryptfs utils 56 4 el5 or newer For more information about eCryptfs refer to http ecryptfs sf net You can also refer to http ecryptfs sourceforge net README and http ecryptfs sourceforge net ecryptfs faq html for basic setup information Stateless Linux Stateless Linux is a new way of thinking about how a system should be run a...

Page 305: ...rofile for large memory systems running disk intensive and network intensive applications The settings provides by ktune do not override those set in etc sysctl conf or through the kernel command line ktune may not be suitable on some systems and workloads as such you should test it comprehensively before deploying to production You can disable any configuration set by ktune and revert to your nor...

Page 306: ...ample echo eth6 sys module fcoe parameters create To logout write the network interface name to the sys module fcoe parameters destroy file for example echo eth6 sys module fcoe parameters destroy For further information on software based FCoE refer to http www open fcoe org openfc wiki index php FCoE_Initiator_Quickstart Red Hat Enterprise Linux 5 5 provides full support for FCoE on three special...

Page 307: ... protocol However as fence_virsh is not integrated with cluster suite it is not supported as a fence agent in that environment glibc new MALLOC behaviour The upstream glibc has been changed recently to enable higher scalability across many sockets and cores This is done by assigning threads their own memory pools and by avoiding locking in some situations The amount of additional memory used for t...

Page 308: ...298 ...

Page 309: ...dated with every major release Certified limits reflect the current state of system testing by Red Hat and its partners for mainstream hardware Note All the certified limits documented in this section are current as of March 30th 2010 Maximum Logical CPUs Logical CPU is defined as the number of CPUs that are presented to the operating system by the hardware Multi core processors and hyperthreads i...

Page 310: ...300 ...

Page 311: ... system check will be run at boot time BZ 513480 3 If unmodified kickstart files from Red Hat Enterprise Linux 5 4 are used to install Red Hat Enterprise Linux 5 5 anaconda may crash and complain that the directory required to save the log files does not exist BZ 568861 4 Red Hat Enterprise Linux 5 does not support having a separate var on a network filesystem nfs iscsi disk nbd etc This is becaus...

Page 312: ...includes disk label duplication avoidance code but when installing within a VM it has no visibility to the disk labels elsewhere on the host and cannot detect duplicates If guest filesystems especially the root filesystem are directly visible to the host a host OS reboot may inadvertantly parse the partition table and mount the guest filesystems This can lead to highly undesirable outcomes BZ 5184...

Page 313: ...ts option will not be available When this occurs the system will require an additional entitlement separate from the entitlement used by dom0 To prevent the consumption of additional entitlements for guests install the rhn virtualization common package manually before attempting to register the system to Red Hat Network BZ 431648 13 When installing Red Hat Enterprise Linux 5 on a guest the guest i...

Page 314: ...evices may cause the installer to halt If this happens it is necessary to clear out all existing partitions on the DASD devices you want to use and restart the installer BZ 289631 19 The following note applies to the ia64 Architecture If your system only has 512MB of RAM attempting to install Red Hat Enterprise Linux 5 4 may fail To prevent this perform a base installation first and install all ot...

Page 315: ... the issue noted here use dmsetup to edit the policy at runtime for a particular LUN i e for which all the paths are unavailable To illustrate run dmsetup message device 0 fail_if_no_path where device is the multipath device name e g mpath2 do not specify the path for which you want to change the policy from queue_if_no_path to fail_if_no_path BZ 419581 24 When a LUN is deleted on a configured sto...

Page 316: ... and partition in an initscript When the system boots dmraid enables the RAID partition that are named implicitly in the init script This action functions until the volume and partition names are changed In these cases the system may not boot and the user is given an option to reboot system and start the rebuild procedure in OROM OROM changes the name of RAID volume as seen by dmraid and dmraid ca...

Page 317: ...ctory cd tmp raid tmp image find print cpio c o gzip 9 tmp raid boot inird 2 6 18 155 el5 img 7 unmount the raid volume and reboot the system umount dev mapper isw_effjffhbi_Volume0p1 dmraid an 5 7 dogtail dogtail is a GUI test tool and automation framework that uses assistive technologies to communicate with desktop applications Attempting to run sniff may result in an error This is because some ...

Page 318: ... gfs2 is used as the root file system the first boot attempt will fail with the error message fsck gfs2 invalid option a To work around this issue 1 Enter the root password when prompted 2 Mount the root file system manually mount o remount rw dev VolGroup00 LogVol00 3 Edit the etc fstab file from dev VolGroup00 LogVol00 gfs2 defaults 1 1 to dev VolGroup00 LogVol00 gfs2 defaults 1 0 4 Reboot the s...

Page 319: ...isk access using SCSI commands sent over Internet Protocol networks iSCSI iface binding is not supported during install or boot The initiator only supports the ability to log into target portals using the default behavior where the initiator uses the network routing table to decide which NIC to use To work around this limitation booting or installation can be done using the default behavior After ...

Page 320: ...s such as the following to be displayed kernel unaligned access to 0xe0000034f327f0ff ip 0xa0000002040c4870 kernel unaligned access to 0xe0000034f327cbff ip 0xa0000002040c4870 kernel unaligned access to 0xe00000300c9581ff ip 0xa0000002040c4870 These messages do not indicate a serious error The data alignment issue will be fixed in a future release BZ 570000 44 When booting paravirtualized guests t...

Page 321: ...tream with replaceable timers so fully virtualized guests will have paravirtualized timers Currently this code is under development upstream and should be available in later versions of Red Hat Enterprise Linux BZ 422531 50 The following note applies to x86_64 Architectures Upgrading a host dom0 system to Red Hat Enterprise Linux 5 2 may render existing Red Hat Enterprise Linux 4 5 SMP paravirtual...

Page 322: ...iators are included in the same Storage Area Network SAN zone Typically this kernel panic will present after a cable is pulled or one of the systems is rebooted To work around this issue configure the SAN to use single initiator zoning BZ 574858 57 Systems containing AMD64 or Intel64 based hardware that use the x86 PAE kernel variant may fail to perform a core dump AMD64 or Intel64 based hardware ...

Page 323: ...amdisk boot initrd 2 6 18 kernel version number el5 img 0x02000000 The command zipl V should now show 0x02000000 as the starting address for the inital RAM disk initrd Stop the logigal partiton LPAR and then manually increase the the storage size of the LPAR On certain hardware configurations the kernel may panic when the Broadcom iSCSI offload driver bnx2i ko and cnic ko is loaded To work around ...

Page 324: ...scan00 not stopped done BZ 513472 67 The kernel is unable to properly detect whether there is media present in a CD ROM drive during kickstart installs The function to check the presence of media incorrectly interprets the logical unit is becoming ready sense returning that the drive is ready when it is not To work around this issue wait several seconds between inserting a CD and asking the instal...

Page 325: ...uccessive resets via consecutive ifdown ifup commands may hang the device To avoid this allow a 10 second interval after an ifup before issuing an ifdown Also allow the same 10 second interval after an ifdown before issuing an ifup This interval allows ample time to stabilize and re initialize all functions when an ifup is issued BZ 276891 74 Laptops equipped with the Cisco Aironet MPI 350 wireles...

Page 326: ... enters Suspend Mode properly To ensure that the system resumes normal operations properly add the script restore after standby to the same directory as well containing the following lines radeontool dac on radeontool light on chvt 7 BZ 227496 78 If the edac module is loaded BIOS memory reporting will not work This is because the edac module clears the register that the BIOS uses for reporting mem...

Page 327: ...yed 2 Run the following command setenv real base 2000000 3 Boot into System Managment Services SMS with the command 0 dev packages gui obe BZ 462663 82 5 15 kexec tools kexec tools provides the sbin kexec binary that facilitates a new kernel to boot using the kernel s kexec feature either on a normal or a panic reboot This package contains the sbin kexec binary and ancillary utilities that togethe...

Page 328: ...ior is intentional as it minimizes the time frame where a crash may occur while memory or processors are not being tracked by kdump BZ 474409 88 The following note applies to ia64 Architecture Some Itanium systems cannot properly produce console output from the kexec purgatory code This code contains instructions for backing up the first 640k of memory after a crash While purgatory console output ...

Page 329: ...ace 4 Save the changes and exit the text editor 5 Restart the guest OS Alternatively if you re having trouble installing the OS on the virtual machine because of the rtl8139 NIC for example because you re installing the OS over the network you can create a virtual machine from scratch with an e1000 NIC This method requires you to have at least one virtual machine already created possibly installed...

Page 330: ...etween the KVM userspace e g qemu kvm and the KVM kernel modules may change in future updates Using the latest upstream qemu kvm package is unsupported due to ABI differences BZ 515549 95 Devices using the qlge driver cannot be assigned to a KVM guest using KVM s PCI Device Driver assignment BZ 507689 96 the use of the qcow2 disk image format with KVM is considered a Technology Preview BZ 517880 9...

Page 331: ...or remote booting Etherboot is an implementation of the pxe standard but lacks some features that are present in the new gpxe boot technology which is not shipped with RHEL It is possible to use the gpxe roms with RHEL 5 4 As an example gpxe roms can be used to interpret requests generated by Microsoft RIS or WDS All components present in RHEL5 4 are capable of booting gpxe roms The roms can be ob...

Page 332: ... install the libcmpiutil devel package on a system that does not have a Subscription including the Workstation option or is not subscribed to the Workstation channel on RHN will fail with an unresolved dependency error 5 20 libvirt Problem Description The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems In addition li...

Page 333: ...ult in a machine that cannot boot Multipath to Storage Area Network SAN devices which provide RAID internally are not affected BZ 467469 113 The following note applies to s390x Architectures When installing Red Hat Enterprise Linux 5 4 the following errors may be returned in install log Installing kernel 2 6 18 158 el5 s390x cp cannot stat sbin dmraid static No such file or directory This message ...

Page 334: ...ersion scriptlet failed exit status 2 As such you need to manually remove older versions of openmpi and lam in order to install their latest versions To do so use the following rpm command rpm qa grep openmpi lam xargs rpm e noscripts allmatches BZ 433841 120 5 26 qspice The Simple Protocol for Independent Computing Environments SPICE is a remote display system built for virtual environments which...

Page 335: ... virtualized Windows R drivers for 32 bit and 64 bit Windows R guests Low performance with UDP messages larger than 1024 is a known Microsoft issue http support microsoft com default aspx kb 235257 For the message larger than 1024 bytes follow the workaround procedure detailed in the above Microsoft knowledgebase article BZ 496592 124 Installation of Windows XP with the floppy containing guest dri...

Page 336: ...s to DisplayPort monitors are unsupported by the nv driver Internal laptop and notebook displays that use Embedded DisplayPort eDP are also unsupported Other connections such as VGA DVI HDMI and the use of DisplayPort to DVI adapters are supported by the nv driver To work around this limitation it is recommended that the vesa driver be used BZ 566228 129 The following note applies to x86_64 Archit...

Page 337: ...a value of 1024 or higher Lower values may cause the dom0 to run out of memory resulting in poor performance or out of memory situations BZ 519492 The Red Hat Enterprise Linux 3 kernel does not include SWIOTLB support SWIOTLB support is required for Red Hat Enterprise Linux 3 guests to support more than 4GB of memory on AMD Opteron and Athlon 64 processors Consequently Red Hat Enterprise Linux 3 g...

Page 338: ... Enterprise Linux 3 9 on a fully virtualized guest may be extremely slow In addition booting up the guest after installation may result in hda lost interrupt errors To avoid this bootup error configure the guest to use the SMP kernel BZ 249521 143 ...

Page 339: ...n common any more It now has many more features than Cistron or Livingston and is much more configurable FreeRADIUS is an Internet authentication daemon which implements the RADIUS protocol as defined in RFC 2865 and others It allows Network Access Servers NAS boxes to perform authentication for dial up users There are also RADIUS clients available for Web servers firewalls Unix logins and more Us...

Page 340: ...ba3x 3 3 8 0 51 el5 Group System Environment Daemons Summary Server and Client software to interoperate with Windows machines Description Samba is the suite of programs by which a lot of PC related machines share files printers and other information such as lists of available files and printers The Windows NT OS 2 and Linux operating systems support this natively and add on packages can enable the...

Page 341: ...P Linux systems This version of pfmon requires a kernel perfmon 2 x found in 2 6 kernels subsystem to function properly A 3 Updated Packages NetworkManager 0 7 0 9 el5 NetworkManager 0 7 0 10 el5 Group System Environment Base Summary Network connection manager and user applications Description NetworkManager attempts to keep an active network connection available at all times It is intended only f...

Page 342: ... obsoletes PyXML 0 8 4 4 PyXML 0 8 4 4 el5_4 2 Group Development Libraries Summary XML libraries for python Description An XML package for Python The distribution contains a validating XML parser an implementation of the SAX and DOM programming interfaces and an interface to the Expat parser Added Dependencies expat devel No removed dependencies No added provides No removed provides No added confl...

Page 343: ...ches ACPI events to user space programs No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes aide 0 13 1 4 el5 aide 0 13 1 6 el5 Group Applications System Summary Intrusion detection environment Description AIDE Advanced Intrusion Detection Environment is a file integrity checker and intr...

Page 344: ...ded provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes apr util 1 2 7 7 el5_3 2 apr util 1 2 7 11 el5 Group System Environment Libraries Summary Apache Portable Runtime Utility library Description The mission of the Apache Portable Runtime APR is to provide a free library of C data structures and routines This library contains additional ut...

Page 345: ...recurring job that will need to be repeated at the same time every day week etc you should use crontab instead No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes audit 1 7 13 2 el5 audit 1 7 17 3 el5 Group System Environment Daemons Summary User space tools for 2 6 kernel auditing Descr...

Page 346: ...d obsoletes No removed obsoletes automake 1 9 6 2 1 automake 1 9 6 2 3 el5 Group Development Tools Summary A GNU tool for automatically creating Makefiles Description Automake is a tool for automatically generating Makefile in files compliant with the GNU Coding Standards You should install Automake if you are developing software and would like to use its ability to automatically generate GNU stan...

Page 347: ...A GNU tool for automatically creating Makefiles Description Automake is a tool for automatically generating Makefile in files compliant with the GNU Coding Standards This package contains Automake 1 5 an older version of Automake You should install it if you need to run automake in a project that has not yet been updated to work with newer versions of Automake No added dependencies No removed depe...

Page 348: ...ing Standards This package contains Automake 1 7 an older version of Automake You should install it if you need to run automake in a project that has not yet been updated to work with latest version of Automake No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes avahi 0 6 16 6 el5 avahi ...

Page 349: ... applications to use when interfacing with DNS and tools for verifying that the DNS server is operating properly No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes binutils 2 17 50 0 6 12 el5 binutils 2 17 50 0 6 14 el5 Group Development Tools Summary A GNU collection of binary utilitie...

Page 350: ...conflicts No removed conflicts No added obsoletes No removed obsoletes bootparamd 0 17 24 devel 2 1 bootparamd 0 17 26 el5 Group System Environment Daemons Summary A server process which provides boot information to diskless clients Description The bootparamd process provides bootparamd a server process which provides the information needed by diskless clients in order for them to successfully boo...

Page 351: ...ndencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes brltty 3 7 2 1 fc6 brltty 3 7 2 4 el5 Group System Environment Daemons Summary Braille display driver for Linux Unix Description BRLTTY is a background process daemon which provides access to the Linux Unix console when in text mode for a blind person using a refreshable b...

Page 352: ...luding those based on the concepts of Type Enforcement Role based Access Control and Multi level Security This package contains checkpolicy the SELinux policy compiler Only required for building policies Added Dependencies libsepol devel 1 15 2 3 Removed Dependencies libsepol devel 1 15 2 1 No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed ...

Page 353: ...dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes cmirror 1 1 39 2 el5 cmirror 1 1 39 8 el5 Group System Environment Base Summary cmirror The Cluster Mirror Package Description cmirror Cluster Mirroring No added dependencies No removed dependencies No added provides No removed provides No added...

Page 354: ...o added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes conga 0 12 2 6 el5 conga 0 12 2 12 el5 Group System Environment Base Summary Remote Management System Description Conga is a project developing management system for remote stations It consists of luci https frontend and ricci secure daemon that dispatches incoming messages to under...

Page 355: ...e GNU core utilities This package is the combination of the old GNU fileutils sh utils and textutils packages No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes cpio 2 6 23 el5 cpio 2 6 23 el5_4 1 Group Applications Archiving Summary A GNU archiving program Description GNU cpio copies f...

Page 356: ... Summary CPU frequency adjusting daemon Description cpuspeed is a daemon that dynamically changes the speed of your processor s depending upon its current workload if it is capable needs Intel Speedstep AMD PowerNow or similar support This package also supports enabling cpu frequency scaling via in kernel governors on Intel Centrino and AMD Athlon64 Opteron platforms No added dependencies No remov...

Page 357: ...tandard printing solution for all UNIX vendors and users CUPS provides the System V and Berkeley command line interfaces Added Dependencies poppler utils No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes curl 7 15 5 2 1 el5_3 5 curl 7 15 5 9 el5 Group Applications Internet Summary A utility for getting file...

Page 358: ... of the filesystem that are private to the Cyrus IMAP server All user access to mail is through software using the IMAP POP3 or KPOP protocols It also includes support for virtual domains NNTP mailbox annotations and much more The private mailbox database design gives the server large advantages in efficiency scalability and administratability Multiple concurrent read write connections to the same...

Page 359: ...No added conflicts No removed conflicts No added obsoletes No removed obsoletes dapl 2 0 19 2 el5 dapl 2 0 25 2 el5 Group System Environment Libraries Summary Library providing access to the DAT 1 2 and 2 0 APIs Description libdat and libdapl provide a userspace implementation of the DAT 1 2 and 2 0 API that is built to natively support InfiniBand iWARP network technology Added Dependencies libibv...

Page 360: ...s No added obsoletes No removed obsoletes dbus python 0 70 7 el5 dbus python 0 70 9 el5_4 Group System Environment Libraries Summary D Bus Python Bindings Description D Bus python bindings for use with python programs No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes device mapper 1 02...

Page 361: ...d dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes dhcp 3 0 5 21 el5 dhcp 3 0 5 23 el5 Group System Environment Daemons Summary DHCP Dynamic Host Configuration Protocol server and relay agent Description DHCP Dynamic Host Configuration Protocol is a protocol which allows individual devices on an IP network to get the...

Page 362: ...IPv6 network No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes dmidecode 2 9 1 el5 dmidecode 2 10 3 el5 Group System Environment Base Summary Tool to analyse BIOS DMI data Description dmidecode reports information about x86 hardware as described in the system BIOS according to the SMBI...

Page 363: ...asq 2 45 1 el5_2 1 dnsmasq 2 45 1 1 el5_3 Group System Environment Daemons Summary A lightweight DHCP caching DNS server Description Dnsmasq is lightweight easy to configure DNS forwarder and DHCP server It is designed to provide DNS and optionally DHCP to a small network It can serve the names of local machines which are not in the global DNS The DHCP server integrates with the DNS server and all...

Page 364: ...cts No added obsoletes No removed obsoletes dosfstools 2 11 7 el5 dosfstools 2 11 9 el5 Group Applications System Summary Utilities for making and checking MS DOS FAT filesystems on Linux Description The dosfstools package includes the mkdosfs and dosfsck utilities which respectively make and check MS DOS FAT filesystems on hard drives or on floppies No added dependencies No removed dependencies N...

Page 365: ...mmary Utilities for managing the fourth extended ext4 filesystem Description The e4fsprogs package contains a number of utilities for creating checking modifying and correcting any inconsistencies in the fourth extended ext4 filesystem E4fsprogs contains e4fsck used to repair filesystem inconsistencies after an unclean shutdown mke4fs used to initialize a partition to contain an empty ext4 filesys...

Page 366: ...ernet Summary A text mode Web browser Description Links is a text based Web browser Links does not display any images but it does support frames tables and most other HTML tags Links advantage over graphical browsers is its speed Links starts and exits quickly and swiftly displays Web pages No added dependencies No removed dependencies No added provides No removed provides No added conflicts No re...

Page 367: ...uted on an x86 computer Many network adapters have a socket where a ROM chip can be installed Etherboot is code that can be put in such a ROM Added Dependencies usr include gnu stubs 32 h Removed Dependencies glibc32 No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes ethtool 6 3 el5 ethtool 6 4 el5 Group Applications System Summary...

Page 368: ...p System Environment Daemons Summary The exim mail transfer agent Description Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet It is freely available under the terms of the GNU General Public Licence In style it is similar to Smail 3 but its facilities are more general There is a great deal of flexibility in the way mai...

Page 369: ...d provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes fetchmail 6 3 6 1 1 el5 fetchmail 6 3 6 1 1 el5_3 1 Group Applications Internet Summary A remote mail retrieval and forwarding utility Description Fetchmail is a remote mail retrieval and forwarding utility intended for use over on demand TCP IP links like SLIP or PPP connections Fetchmai...

Page 370: ...No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes firefox 3 0 12 1 el5_3 firefox 3 0 18 1 el5_4 Group Applications Internet Summary Mozilla Firefox Web browser Description Mozilla Firefox is an open source web browser designed for standards compliance performance and portability Added ...

Page 371: ...ance and highly configurable GPL d free RADIUS server The server is similar in some respects to Livingston s 2 0 server While FreeRADIUS started as a variant of the Cistron RADIUS server they don t share a lot in common any more It now has many more features than Cistron or Livingston and is much more configurable FreeRADIUS is an Internet authentication daemon which implements the RADIUS protocol...

Page 372: ...oved provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes gcc 4 1 2 46 el5 gcc 4 1 2 48 el5 Group Development Languages Summary Various compilers C C Objective C Java Description The gcc package contains the GNU Compiler Collection version 4 1 You ll need this package in order to compile C code No added dependencies No removed dependencies No added provides No r...

Page 373: ...dencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes gdb 6 8 37 el5 gdb 7 0 1 23 el5 Group Development Debuggers Summary A GNU source level debugger for C C Java and other languages Description GDB the GNU debugger allows you to debug programs written in C C Java and other languages by executing them i...

Page 374: ... 18 159 el5 kernel xen devel ia64 2 6 18 159 el5 No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes gfs utils 0 1 20 1 el5 gfs utils 0 1 20 7 el5 Group System Environment Kernel Summary Utilities for managing the global filesystem GFS Description The gfs utils package contains a number of utilities for creating checking modifying a...

Page 375: ...vironment Libraries Summary The GNU libc libraries Description The glibc package contains standard libraries which are used by multiple programs on the system In order to save disk space and memory as well as to make upgrading easier common system code is kept in one place and shared between programs This particular package contains the most important sets of shared libraries the standard C librar...

Page 376: ...dded provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes gnutls 1 4 1 3 el5_2 1 gnutls 1 4 1 3 el5_3 5 Group System Environment Libraries Summary A TLS protocol implementation Description GnuTLS is a project that aims to develop a library which provides a secure layer over a reliable transport layer Currently the GnuTLS library implements th...

Page 377: ... GNU gzip data compression program Gzipped files have a gz extension Gzip should be installed on your Red Hat Linux system because it is a very commonly used data compression program No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes hal 0 5 8 1 52 el5 hal 0 5 8 1 59 el5 Group System En...

Page 378: ...ues for files The names and interfaces are meant to mimic the sha sum tools provided by the coreutils package Added Dependencies autoconf automake prelink No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes httpd 2 2 3 31 el5 httpd 2 2 3 43 el5 Group System Environment Daemons Summary Apache HTTP Server Descr...

Page 379: ... dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes iasl 20061109 5 el5 iasl 20090123 1 el5 Group Development Languages Summary Intel ASL compiler decompiler Description iasl compiles ASL ACPI Source Language into AML ACPI Machine Language which is suitable for inclusion as a DSDT in system firm...

Page 380: ...No removed conflicts No added obsoletes No removed obsoletes ibutils 1 2 10 el5 ibutils 1 2 11 el5 Group System Environment Libraries Summary OpenIB Mellanox InfiniBand Diagnostic Tools Description ibutils provides IB network and path diagnostics Added Dependencies opensm devel 3 3 0 Removed Dependencies opensm devel 3 2 0 No added provides No removed provides No added conflicts No removed conflic...

Page 381: ...vate newsfeeds INN includes innd an NNTP NetNews Transport Protocol server and nnrpd a newsreader that is spawned for each client Both innd and nnrpd vary slightly from the NNTP protocol but not in ways that are easily noticed Install the inn package if you need a complete system for serving and reading Usenet news You may also need to install inn devel if you are going to use a separate program w...

Page 382: ...AID adapters Description Provides a suite of utilities to manage and configure SCSI devices supported by the ipr SCSI storage device driver No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes iptables 1 3 5 5 3 el5 iptables 1 3 5 5 3 el5_4 1 Group System Environment Base Summary Tools fo...

Page 383: ...include Top like realtime state table information Sorting by any field Reversible sorting Single display of state table Customizable refresh rate Open Source specifically I m using the zlib license No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes iscsi initiator utils 6 2 0 871 0 10 e...

Page 384: ..._3 kdegraphics 3 5 4 15 el5_4 2 Group Applications Multimedia Summary K Desktop Environment Graphics Applications Description Graphics applications for the K Desktop Environment Includes kdvi displays TeX dvi files kghostview displays postscript files kcoloredit palette editor and color chooser kiconedit icon editor kolourpaint a simple drawing program ksnapshot screen capture utility kview image ...

Page 385: ... removed conflicts No added obsoletes No removed obsoletes kernel 2 6 18 164 el5 kernel 2 6 18 194 el5 Group System Environment Kernel Summary The Linux kernel the core of the Linux operating system Description The kernel package contains the Linux kernel vmlinuz the core of any Linux operating system The kernel handles the basic functions of the operating system memory allocation process allocati...

Page 386: ...onment Libraries Summary The Kerberos network authentication system Description Kerberos V5 is a trusted third party network authentication system which can improve your network s security by eliminating the insecure practice of cleartext passwords No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No remov...

Page 387: ... tuning parameters No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes kudzu 1 2 57 1 21 1 kudzu 1 2 57 1 24 1 Group Applications System Summary The Red Hat Linux hardware probing tool Description Kudzu is a hardware probing tool run at system boot time to determine what hardware has bee...

Page 388: ...dded provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes less 394 6 el5 less 436 2 el5 Group Applications Text Summary A text file browser similar to more but better Description The less utility is a text file browser that resembles more but has more capabilities Less allows you to move backwards in the file as well as forwards Since less do...

Page 389: ...licts No added obsoletes No removed obsoletes libXrandr 1 1 1 3 1 libXrandr 1 1 1 3 3 Group System Environment Libraries Summary X Org X11 libXrandr runtime library Description X Org X11 libXrandr runtime library No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes libXt 1 0 2 3 1 fc6 lib...

Page 390: ...y in order to provide kernel accelerated async I O capabilities as do applications which require the Linux native async I O API No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes libcmpiutil 0 4 2 el5 libcmpiutil 0 5 1 1 el5 Group System Environment Libraries Summary CMPI Utility Librar...

Page 391: ...ry This driver enables Chelsio iWARP capable ethernet devices Added Dependencies libibverbs devel 1 1 3 Removed Dependencies libibverbs devel 1 1 2 4 el5 No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes libehca 1 2 1 3 el5 libehca 1 2 1 6 el5 Group System Environment Libraries Summary IBM InfiniBand HCA Userspace Driver Descripti...

Page 392: ... timeout has been reached libevent is meant to replace the asynchronous event loop found in event driven network servers An application just needs to call event_dispatch and can then add or remove events dynamically without having to change the event loop Added Dependencies doxygen No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsole...

Page 393: ...No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes libhugetlbfs 1 3 3 el5 libhugetlbfs 1 3 7 el5 Group System Environment Libraries Summary Library to access the Huge TLB Filesystem Description The libhugetlbfs library interacts with the Linux hugetlbfs to make large pages available to applications in a tran...

Page 394: ...oved conflicts No added obsoletes No removed obsoletes libibcommon 1 1 2 1 el5 libibcommon 1 2 0 1 el5 Group System Environment Libraries Summary OpenFabrics Alliance InfiniBand management common library Description libibcommon provides common utility functions for the OFA diagnostic and management tools No added dependencies No removed dependencies No added provides No removed provides No added c...

Page 395: ...ry Description libibumad provides the user MAD library functions which sit on top of the user MAD modules in the kernel These are used by the IB diagnostic and management tools including OpenSM No added dependencies Removed Dependencies libibcommon devel 1 1 2 No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes libibverbs 1 1 2 4 el...

Page 396: ...cription QLogic hardware driver for use with libibverbs user space verbs access library This driver supports QLogic InfiniPath based cards Added Dependencies libibverbs devel 1 1 3 Removed Dependencies libibverbs devel 1 1 2 4 el5 No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes libmlx4 1 0 1 2 el5 libmlx4 1 0 1 5 el5 Group Syste...

Page 397: ...ngle Data Rate and Dual Data Rate cards including those from Cisco Topspin and Voltaire It does not support the Connect X architecture based Quad Data Rate cards libmlx4 handles that hardware Added Dependencies libibverbs devel 1 1 3 Removed Dependencies libibverbs devel 1 1 2 4 el5 No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsolete...

Page 398: ...el 1 1 2 4 el5 No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes libsepol 1 15 2 2 el5 libsepol 1 15 2 3 el5 Group System Environment Libraries Summary SELinux binary policy manipulation library Description Security enhanced Linux is a feature of the Linux kernel and a number of utilities with enhanced security functionality desig...

Page 399: ...ke systems to generically build shared libraries Libtool provides a consistent portable interface which simplifies the process of using shared libraries If you are developing programs which will use shared libraries but do not use the rest of the GNU Autotools such as GNU Autoconf and GNU Automake you should install the libtool package The libtool package also includes all files needed to integrat...

Page 400: ...cies autoconf automake gettext devel gtk doc libtool nscd No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes libvirt 0 6 3 20 el5 libvirt 0 6 3 33 el5 Group Development Libraries Summary Library providing a simple API virtualization Description Libvirt is a C toolkit to interact with the virtualization capab...

Page 401: ...des No added conflicts No removed conflicts No added obsoletes No removed obsoletes libvorbis 1 1 2 3 el5_3 3 libvorbis 1 1 2 3 el5_4 4 Group System Environment Libraries Summary The Vorbis General Audio Compression Codec Description Ogg Vorbis is a fully open non proprietary patent and royalty free general purpose compressed audio format for audio and music at fixed and variable bitrates from 16 ...

Page 402: ...s No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes lm_sensors 2 10 7 4 el5 lm_sensors 2 10 7 9 el5 Group Applications System Summary Hardware monitoring tools Description The lm_sensors package includes a collection of modules for general SMBus access and hardware monitoring NOTE this requires special support which is not in standard 2 2 vintage k...

Page 403: ...en period of time and make a report in the areas that you wish with the detail that you wish Easy to use works right out of the package on many systems No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes lvm2 2 02 46 8 el5 lvm2 2 02 56 8 el5 Group System Environment Base Summary Userland...

Page 404: ... for userland logical volume management tools Description Extensions to LVM2 to support clusters Added Dependencies device mapper 1 02 39 1 Removed Dependencies device mapper 1 02 32 1 No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes man pages 2 39 12 el5 man pages 2 39 15 el5 Group Documentation Summary Man manual pages from the...

Page 405: ...ject Japanese Manual Project No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes mcelog 0 9pre 1 27 el5 mcelog 0 9pre 1 29 el5 Group System Environment Base Summary Tool to translate x86 64 CPU Machine Check Exception data Description mcelog is a daemon that collects and decodes Machine ...

Page 406: ...guration file though a configuration file can be used to help with some common tasks No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes mesa 6 5 1 7 7 el5 mesa 6 5 1 7 8 el5 Group System Environment Libraries Summary Mesa graphics libraries Description Mesa No added dependencies No remo...

Page 407: ...up System Environment Base Summary Creates an initial ramdisk image for preloading modules Description Mkinitrd creates filesystem images for use as initial ramdisk initrd images These ramdisk images are often used to preload the block device modules SCSI or RAID needed to access the root filesystem In other words generic kernels can be built without drivers for any SCSI adapters which load the SC...

Page 408: ...or automatic loading and unloading of modules under 2 6 and later kernels as well as other module management programs Device drivers and filesystems are two examples of loaded and unloaded modules No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes mpitests 3 1 3 el5 mpitests 3 2 1 el5 G...

Page 409: ...ibraries and autochangers from ADIC Tandberg Overland Breece Hill HP and Seagate If you have a backup tape device capable of handling more than one tape at a time you should install MTX No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes mvapich 1 1 0 0 3355 2 el5 mvapich 1 2 0 0 3562 1 ...

Page 410: ...added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes mysql 5 0 77 3 el5 mysql 5 0 77 4 el5_4 2 Group Applications Databases Summary MySQL client programs and shared libraries Description MySQL is a multi user multi threaded SQL database server MySQL is a client server implementation consisting of a server daemon mysqld and many differen...

Page 411: ...ed provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes neon 0 25 5 10 el5 neon 0 25 5 10 el5_4 1 Group Applications Publishing Summary An HTTP and WebDAV client library Description neon is an HTTP and WebDAV client library with a C interface providing a high level interface to HTTP and WebDAV methods along with a low level interface for HTTP...

Page 412: ...package contains the snmpd and snmptrapd daemons documentation etc You will probably also want to install the net snmp utils package which contains NET SNMP utilities Building option without tcp_wrappers disable tcp_wrappers support No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes net...

Page 413: ...No removed conflicts No added obsoletes No removed obsoletes nfs utils 1 0 9 42 el5 nfs utils 1 0 9 44 el5 Group System Environment Daemons Summary NFS utilities and supporting clients and daemons for the kernel NFS server Description The nfs utils package provides a daemon for the kernel NFS server and related tools which provides a much higher level of performance than the traditional Linux NFS ...

Page 414: ...nstallation and update Added Dependencies curl devel gecko devel libX11 devel nspr devel pango devel Removed Dependencies gecko devel 1 9 No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes nspr 4 7 4 1 el5_3 1 nspr 4 7 6 1 el5_4 Group System Environment Libraries Summary Netscape Portable Runtime Description NSPR provides platform ...

Page 415: ...d Dependencies openldap devel 2 3 43 7 Removed Dependencies openldap devel 2 0 27 No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes ntp 4 2 2p1 9 el5_3 2 ntp 4 2 2p1 9 el5_4 1 Group System Environment Daemons Summary Synchronizes system time using the Network Time Protocol NTP Description The Network Time Protocol NTP is used to s...

Page 416: ...ded dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes openCryptoki 2 2 4 22 el5 openCryptoki 2 2 4 22 el5_4 2 Group Productivity Security Summary Implementation of Cryptoki v2 11 for IBM Crypto Hardware Description The PKCS 11 Version 2 11 api implemented for the IBM Crypto cards This package i...

Page 417: ... removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes openib 1 4 1 3 el5 openib 1 4 1 5 el5 Group System Environment Base Summary OpenIB Infiniband Driver Stack Description User space initialization scripts for the kernel InfiniBand drivers No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed c...

Page 418: ...1 2 el5 openmotif 2 3 1 2 el5_4 1 Group System Environment Libraries Summary Open Motif runtime libraries and executables Description This is the Open Motif 2 3 1 runtime environment It includes the Motif shared libraries needed to run applications which are dynamically linked against Motif and the Motif Window Manager mwm No added dependencies No removed dependencies No added provides No removed ...

Page 419: ...tivity Summary OpenOffice org comprehensive office suite Description OpenOffice org is an Open Source community developed multi platform office productivity suite It includes the key desktop applications such as a word processor spreadsheet presentation manager formula editor and drawing program with a user interface and feature set similar to other office suites Sophisticated and flexible OpenOff...

Page 420: ...orks that can be used from any machine and do not need to be run on a machine running the opensm daemon Added Dependencies byacc libibmad devel 1 3 3 Removed Dependencies libibmad devel 1 2 3 No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes openssh 4 3p2 36 el5 openssh 4 3p2 41 el5 Group Applications Internet Summary The OpenSSH ...

Page 421: ...e communications between machines OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes openswan 2 6 21 5 el5 openswan 2 6 21 5 el5_4 2 Group System Environment ...

Page 422: ...s transparently during the background and profile data can be collected at any time OProfile makes use of the hardware performance counters provided on Intel P6 and AMD Athlon family processors and can use the RTC for profiling on other x86 processor types See the HTML documentation for further details No added dependencies No removed dependencies No added provides No removed provides No added con...

Page 423: ...is module supports password checking ticket creation and optional TGT verification and conversion to Kerberos IV tickets The included pam_krb5afs module also gets AFS tokens if so configured No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes paps 0 6 6 18 el5 paps 0 6 6 19 el5 Group App...

Page 424: ...zing disk usage and copying data to new hard disks No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes pax 3 4 1 2 2 pax 3 4 2 el5 Group Applications Archiving Summary POSIX File System Archiver Description pax is the POSIX standard archive tool It supports the two most common forms of s...

Page 425: ... Environment Daemons Summary PC SC Lite smart card framework and applications Description The purpose of PC SC Lite is to provide a Windows R SCard interface in a very small form factor for communicating to smartcards and readers PC SC Lite uses the same winscard API as used under Windows R This package includes the PC SC Lite daemon a resource manager that coordinates communications with smart ca...

Page 426: ...Development Libraries Summary Perl bindings for the libvirt library Description The Sys Virt module provides a Perl XS binding to the libvirt virtual machine management APIs This allows machines running within arbitrary virtualization containers to be managed with a consistent API No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conf...

Page 427: ... Python module for spawning child applications controlling them and responding to expected patterns in their output Pexpect works like Don Libes Expect Pexpect allows your script to spawn a child application and control it as if a human were typing commands Pexpect can be used for automating interactive applications such as ssh ftp passwd telnet etc It can be used to automate setup scripts for dup...

Page 428: ...e which adds support for the PHP language to Apache HTTP Server No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes pidgin 2 5 9 1 el5 pidgin 2 6 6 1 el5 Group Applications Internet Summary A Gtk based multiprotocol instant messaging client Description Pidgin allows you to talk to anyone...

Page 429: ...LVS is a dynamically adjusted kernel routing mechanism that provides load balancing primarily for web and ftp servers though other services are supported No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes pirut 1 3 28 13 el5 pirut 1 3 28 17 el5 Group Applications System Summary Package ...

Page 430: ...ontrol policies including those based on the concepts of Type Enforcement Role based Access Control and Multi level Security policycoreutils contains the policy core utilities that are required for basic operation of a SELinux system These utilities include load_policy to load policies setfiles to label filesystems newrole to switch roles and run_init to run etc init d scripts in the proper contex...

Page 431: ...be located on the same machine with the PostgreSQL server or may be on a remote machine which accesses a PostgreSQL server over a network connection This package contains the docs in HTML for the whole package as well as command line utilities for managing PostgreSQL databases on a PostgreSQL server If you want to manipulate a PostgreSQL database on a remote PostgreSQL server you need this package...

Page 432: ...ts a graph of the current system load average to a specified tty The uptime command displays the current time how long the system has been running how many users are logged on and system load averages for the past one five and fifteen minutes The w command displays a list of the users who are currently logged on and what they are running The watch program watches a running program The vmstat comma...

Page 433: ... Xen virtual machines Package includes several command line utilities including virt install build and install new VMs and virt clone clone an existing virtual machine No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes qlvnictools 0 0 1 11 el5 qlvnictools 0 0 1 12 el5 Group System Envir...

Page 434: ... Summary An implementation of the Simple Protocol for Independent Computing Environments Description The Simple Protocol for Independent Computing Environments SPICE is a remote display system built for virtual environments which allows you to view a computing desktop environment not only on the machine where it is running but from anywhere on the Internet and from a wide variety of machine archit...

Page 435: ...nto memory Description readahead reads the contents of a list of files into memory which causes them to be read from cache when they are actually needed Its goal is to speed up the boot process No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes redhat artwork 5 0 9 1 el5 redhat artwork ...

Page 436: ...dded dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes redhat release notes 5Client 29 redhat release notes 5Client 31 Group System Environment Base Summary Red Hat Enterprise Linux release notes files Description Red Hat Enterprise Linux release notes files No added dependencies No removed dep...

Page 437: ...stem Environment Base Summary Red Hat Enterprise Linux release notes files Description Red Hat Enterprise Linux release notes files No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes rgmanager 2 0 52 1 el5 rgmanager 2 0 52 6 el5 Group System Environment Base Summary Open Source HA Resou...

Page 438: ...r system to receive software updates from Red Hat Network No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes rhnlib 2 2 7 2 el5 rhnlib 2 5 22 3 el5 Group Development Libraries Summary Python libraries for the RHN project Description rhnlib is a collection of python modules used by the R...

Page 439: ... 7 el5 rhpxl 0 41 1 9 el5 Group System Environment Libraries Summary Python library for configuring and running X Description The rhpxl pronounced rapunzel package contains a Python library for configuring and running X No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes rsyslog 2 0 6 1 ...

Page 440: ...added obsoletes No removed obsoletes ruby 1 8 5 5 el5_3 7 ruby 1 8 5 5 el5_4 8 Group Development Languages Summary An interpreter of object oriented scripting language Description Ruby is the interpreted scripting language for quick and easy object oriented programming It has many features to process text files and to do system management tasks as in Perl It is simple straight forward and extensib...

Page 441: ... conflicts No removed conflicts No added obsoletes No removed obsoletes sblim 1 35 el5 sblim 1 40 el5 Group Applications System Summary Standards Based Linux Instrumentation for Manageability Description SBLIM stands for Standards Based Linux Instrumentation for Manageability and consists of a set of standards based Web Based Enterprise Management WBEM modules that use the Common Information Model...

Page 442: ... manager that can support multiple logins on one terminal Added Dependencies libutempter devel No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes scsi target utils 0 0 5 20080917snap el5 scsi target utils 0 0 6 20091205snap el5_4 1 Group System Environment Daemons Summary The SCSI target daemon and utility p...

Page 443: ... widely used Mail Transport Agent MTA Description The Sendmail program is a very widely used Mail Transport Agent MTA MTAs send mail from one machine to another Sendmail is not a client program which you use to read your email Sendmail is a behind the scenes program which actually moves your email over networks or the Internet to where you want it to go If you ever need to reconfigure Sendmail you...

Page 444: ... all users The useradd userdel and usermod commands are used for managing user accounts The groupadd groupdel and groupmod commands are used for managing group accounts No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes sos 1 7 9 27 el5 sos 1 7 9 49 el5 Group Development Libraries Summa...

Page 445: ...tools Added Dependencies krb5 devel No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes squirrelmail 1 4 8 5 el5_3 7 squirrelmail 1 4 8 5 el5_4 10 Group Applications Internet Summary SquirrelMail webmail client Description SquirrelMail is a standards based webmail package written in PHP4 It includes built in ...

Page 446: ... 5a75 3 Group Applications Archiving Summary An archiving tool with ACL support Description Star saves many files together into a single tape or disk archive and can restore individual files from the archive Star supports ACL No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes strace 4 5...

Page 447: ...ups of users the ability to run some or all commands as root while logging all commands and arguments Sudo operates on a per command basis It is not a replacement for the shell Features include the ability to restrict what commands a user may run on a per host basis copious logging of each command providing a clear audit trail of who did what a configurable timeout of the sudo command and the abil...

Page 448: ...3 Group Applications System Summary system config cluster is a utility which allows you to manage cluster configuration in a graphical setting Description system config cluster is a utility which allows you to manage cluster configuuration in a graphical setting No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obso...

Page 449: ...dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes system config services 0 9 4 1 el5 system config services 0 9 4 5 el5 Group Applications System Summary system config services is an initscript and xinetd configuration utility Description system config services is a utility which allows you to ...

Page 450: ...emoved obsoletes tar 1 15 1 23 0 1 el5 tar 1 15 1 30 el5 Group Applications Archiving Summary A GNU file archiving program Description The GNU tar program saves many files together in one archive and can restore individual files or all of the files from that archive Tar can also be used to add supplemental files to an archive and to update or list files in the archive Tar includes multivolume supp...

Page 451: ...st idea to the completion of the project It assists you during project scoping resource assignment cost and revenue planning and risk and communication management No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes tcpdump 3 9 4 14 el5 tcpdump 3 9 4 15 el5 Group Applications Internet Sum...

Page 452: ... Tcsh includes a command line editor programmable word completion spelling correction a history mechanism job control and a C language like syntax No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes thunderbird 2 0 0 22 2 el5_3 thunderbird 2 0 0 24 2 el5_4 Group Applications Internet Sum...

Page 453: ...from diverse sources No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes tzdata 2009k 1 el5 tzdata 2010e 1 el5 Group System Environment Base Summary Timezone data Description This package contains data files with rules for various timezones around the world No added dependencies No remov...

Page 454: ...n programs Description Valgrind is a tool to help you find memory management problems in your programs When a program is run under Valgrind s supervision all reads and writes of memory are checked and calls to malloc new free delete are intercepted As a result Valgrind can detect a lot of problems that are otherwise very hard to find diagnose No added dependencies No removed dependencies No added ...

Page 455: ...ides No added conflicts No removed conflicts No added obsoletes No removed obsoletes virt manager 0 6 1 8 el5 virt manager 0 6 1 12 el5 Group Applications Emulators Summary Virtual Machine Manager Description Virtual Machine Manager provides a graphical tool for administering virtual machines for KVM Xen and QEmu Start stop add or remove virtual devices connect to a graphical or serial console and...

Page 456: ...d version of cron No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes vsftpd 2 0 5 16 el5 vsftpd 2 0 5 16 el5_4 1 Group System Environment Daemons Summary vsftpd Very Secure Ftp Daemon Description vsftpd is a Very Secure FTP daemon It was written completely from scratch No added dependen...

Page 457: ...are logged out recursive retrieval of directories file name wildcard matching remote file timestamp storage and comparison use of Rest with FTP servers and Range with HTTP servers to retrieve files over slow or unstable connections support for Proxy servers and configurability No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflict...

Page 458: ... domain 0 kernel which can be found in the kernel xen package Virtualization can be used to run multiple operating systems on one physical system for purposes of hardware consolidation hardware abstraction or to test untrusted applications in a sandboxed environment Added Dependencies bzip2 devel e4fsprogs devel xz devel No removed dependencies No added provides No removed provides No added confli...

Page 459: ... information refer to the DOM Level 3 Implementation page No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes xmlsec1 1 2 9 8 1 xmlsec1 1 2 9 8 1 1 Group Development Libraries Summary Library providing support for XML Signature and XML Encryption standards Description XML Security Librar...

Page 460: ...o added conflicts No removed conflicts No added obsoletes No removed obsoletes xorg x11 drv ast 0 81 0 3 xorg x11 drv ast 0 89 9 1 el5 Group User Interface X Hardware Support Summary Xorg X11 ast video driver Description X Org X11 ast video driver No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No remove...

Page 461: ... dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes xorg x11 drv i810 1 6 5 9 25 el5 xorg x11 drv i810 1 6 5 9 36 el5 Group User Interface X Hardware Support Summary Xorg X11 i810 video driver s Description X Org X11 i810 video driver No added dependencies No removed dependencies No added provid...

Page 462: ...soletes xorg x11 drv nv 2 1 12 6 el5 xorg x11 drv nv 2 1 15 3 el5 Group User Interface X Hardware Support Summary Xorg X11 nv video driver Description X Org X11 nv video driver No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes xorg x11 drv qxl 0 0 4 1 1 el5 xorg x11 drv qxl 0 0 12 1 2 ...

Page 463: ...n X Org X11 vesa video driver No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes xorg x11 server 1 1 1 48 67 el5 xorg x11 server 1 1 1 48 76 el5 Group User Interface X Summary X Org X11 X server Description X Org X11 X server Added Dependencies mesa source 6 5 1 7 8 el5 pam devel Remove...

Page 464: ...obsoletes No removed obsoletes xterm 215 8 el5 xterm 215 8 el5_4 1 Group User Interface X Summary xterm terminal emulator for the X Window System Description The xterm program is a terminal emulator for the X Window System It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can t use the window system directly No added dependencies No removed dependencies No added provi...

Page 465: ... for PowerPC machines which works on New World ROM machines Rev A iMac and newer and runs directly from Open Firmware eliminating the need for Mac OS yaboot can also bootload IBM pSeries machines No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes yp tools 2 9 0 1 yp tools 2 9 1 el5 Grou...

Page 466: ...achine running NIS client programs If you need an NIS server you ll need to install the ypserv package on one machine on the network No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes yum 3 2 22 20 el5 yum 3 2 22 26 el5 Group System Environment Base Summary RPM installer updater Descrip...

Page 467: ...in provides support for yum to access a Red Hat Network server for software updates No added dependencies No removed dependencies No added provides No removed provides No added conflicts No removed conflicts No added obsoletes No removed obsoletes ...

Page 468: ...458 ...

Page 469: ... B Revision History Revision 1 01 Thu Apr 22 2009 Ryan Lerch rlerch redhat com Added new Known Issue for Bug 575799 Revision 1 0 Wed Nov 26 2009 Ryan Lerch rlerch redhat com Initial Build of the 5 5 Technical Notes ...

Page 470: ...460 ...

Reviews:

No comments

Related manuals for ENTERPRISE LINUX 5.5 - S 2010

VFABRIC GEMFIRE

Brand: VMware Pages: 2

Brand: McAfee Pages: 205

G4 PANELPREVIEW V1.2

Brand: AMX Pages: 16

VS160 - StorageWorks DLT Tape Drive

Brand: HP Pages: 44

Brand: HP Pages: 72

Brand: HP Pages: 235

Brand: HP Pages: 301

IPSEC VPN CLIENT

Brand: ZyXEL Communications Pages: 2

Brand: Extron electronics Pages: 37

Brand: GameShark Pages: 16

Soundscape Mixer

Brand: Solid State Logic Pages: 109

6100BD - Phaser Color Laser Printer

Brand: Xerox Pages: 56

DREAMWEAVER 8-DREAMWEAVER API

Brand: MACROMEDIA Pages: 628

Brand: Oregon Scientific Pages: 8

Brand: Waves Pages: 16

Brand: Canon Pages: 100

EliteBook 2560p

Brand: HP Pages: 122

EliteBook 2760p

Brand: HP Pages: 3

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands