[ol7_UEKR4_archive] kernel-uek-firmware-4.1.12-61.1.25.el7uek.noarch

Name:	kernel-uek-firmware
Version:	4.1.12
Release:	61.1.25.el7uek
Architecture:	noarch
Group:	Development/System
Size:	3004314
License:	GPL+ and GPLv2+ and MIT and Redistributable, no modification permitted
RPM:	kernel-uek-firmware-4.1.12-61.1.25.el7uek.noarch.rpm
Source RPM:	kernel-uek-4.1.12-61.1.25.el7uek.src.rpm
Build Date:	Thu Jan 12 2017
Build Host:	x86-ol7-builder-01.us.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	Firmware files used by the Linux kernel
Description:	Kernel firmware includes firmware files required for some devices to operate.

Changelog (Show File list) (Show related packages)

Wed Jan 11 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.25.el7uek]

- KEYS: Fix short sprintf buffer in /proc/keys show function (David Howells)  [Orabug: 25306361]  {CVE-2016-7042} 
- nvme: Limit command retries (Keith Busch)  [Orabug: 25374751]  
- fs/proc/task_mmu.c: fix mm_access() mode parameter in pagemap_read() (Kenny Keslar)  [Orabug: 25374977]  
- tcp: fix use after free in tcp_xmit_retransmit_queue() (Eric Dumazet)  [Orabug: 25374364]  {CVE-2016-6828} 
- tunnels: Don't apply GRO to multiple layers of encapsulation. (Jesse Gross)  [Orabug: 25036352]  {CVE-2016-8666} 
- i40e: Don't notify client(s) for DCB changes on all VSIs (Neerav Parikh)  [Orabug: 25046290]  
- packet: fix race condition in packet_set_ring (Philip Pettersson)  [Orabug: 25231617]  {CVE-2016-8655} 
- netlink: Fix dump skb leak/double free (Herbert Xu)  [Orabug: 25231692]  {CVE-2016-9806} 
- ALSA: pcm : Call kill_fasync() in stream lock (Takashi Iwai)  [Orabug: 25231720]  {CVE-2016-9794} 
- net: avoid signed overflows for SO_{SND|RCV}BUFFORCE (Eric Dumazet)  [Orabug: 25231751]  {CVE-2016-9793}

Wed Jan 04 2017 Chuck Anderson <chuck.anderson@oracle.com> [4.1.12-61.1.24.el7uek]
```
- rebuild bumping release
```

Tue Dec 20 2016 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.23.el7uek]

- net: Fix use after free in the recvmmsg exit path (Arnaldo Carvalho de Melo)  [Orabug: 25298601]  {CVE-2016-7117}

Fri Dec 02 2016 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.22.el7uek]

- ocfs2: fix trans extend while free cached blocks (Junxiao Bi)  [Orabug: 25136991]  
- ocfs2: fix trans extend while flush truncate log (Junxiao Bi)  [Orabug: 25136991]  
- ocfs2: extend enough credits for freeing one truncate record while replaying truncate records (Xue jiufei)  [Orabug: 25136991]  
- mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (Andrey Ryabinin)  [Orabug: 25154096]  {CVE-2016-8650} {CVE-2016-8650} 
- mlx4: avoid multiple free on id_map_ent (Wengang Wang)  [Orabug: 25159035]

Wed Nov 23 2016 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.21.el7uek]

- NVMe: reduce queue depth as workaround for Samsung EPIC SQ errata (Ashok Vairavan)  [Orabug: 25144380]  
- sctp: validate chunk len before actually using it (Marcelo Ricardo Leitner)  [Orabug: 25142868]  {CVE-2016-9555}

Fri Nov 18 2016 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.20.el7uek]
```
- rebuild bumping release
```

Fri Nov 18 2016 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.19.el7uek]

- acpi: Disable ACPI table override if securelevel is set (Linn Crosetto)  [Orabug: 25058966]  {CVE-2016-3699} 
- aacraid: Check size values after double-fetch from user (Dave Carroll)  [Orabug: 25060060]  {CVE-2016-6480} {CVE-2016-6480} 
- audit: fix a double fetch in audit_log_single_execve_arg() (Paul Moore)  [Orabug: 25059969]  {CVE-2016-6136} 
- ecryptfs: don't allow mmap when the lower fs doesn't support it (Jeff Mahoney)  [Orabug: 25023269]  {CVE-2016-1583} {CVE-2016-1583} 
- Revert "ecryptfs: forbid opening files without mmap handler" (Chuck Anderson)  [Orabug: 24971921]  {CVE-2016-1583} 
- percpu: fix synchronization between synchronous map extension and chunk destruction (Tejun Heo)  [Orabug: 25060084]  {CVE-2016-4794} 
- percpu: fix synchronization between chunk->map_extend_work and chunk destruction (Tejun Heo)  [Orabug: 25060084]  {CVE-2016-4794} 
- ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt (Kangjie Lu)  [Orabug: 25059898]  {CVE-2016-4578} 
- ALSA: timer: Fix leak in events via snd_timer_user_ccallback (Kangjie Lu)  [Orabug: 25059898]  {CVE-2016-4578} 
- ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS (Kangjie Lu)  [Orabug: 25059752]  {CVE-2016-4569} 
- Bluetooth: Fix potential NULL dereference in RFCOMM bind callback (Jaganath Kanakkassery)  [Orabug: 25058894]  {CVE-2015-8956} 
- ASN.1: Fix non-match detection failure on data overrun (David Howells)  [Orabug: 25059037]  {CVE-2016-2053} 
- mm: migrate dirty page without clear_page_dirty_for_io etc (Hugh Dickins)  [Orabug: 25059188]  {CVE-2016-3070}

Fri Nov 04 2016 Chuck Anderson <chuck.anderson@oracle.com> [4.1.12-61.1.18.el7uek]

- uek-rpm ol7: change uek-rpm/ol7/update-el release value from 7.1 to 7.3 (Chuck Anderson)  [Orabug: 25050614]

Mon Oct 31 2016 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.17.el7uek]

- sched: panic on corrupted stack end (Jann Horn)  [Orabug: 24971921]  {CVE-2016-1583} 
- ecryptfs: forbid opening files without mmap handler (Jann Horn)  [Orabug: 24971921]  {CVE-2016-1583} 
- proc: prevent stacking filesystems on top (Jann Horn)  [Orabug: 24971921]  {CVE-2016-1583}

Fri Oct 21 2016 Chuck Anderson <chuck.anderson@oracle.com> [4.1.12-61.1.16.el7uek]

- mm: remove gup_flags FOLL_WRITE games from __get_user_pages() (Linus Torvalds)  [Orabug: 24927306]  {CVE-2016-5195}