Update to 2.6.32-504.1.3 (the latest upstream version at the time of writing).
Fixes the following problems:
* CVE-2014-3611: KVM: host kernel DoS due to a race condition in PIT
emulation. A guest user who has access to PIT IO ports could use this
flaw to crash the host. (impact: important, host DoS from a guest)
* CVE-2014-3645, CVE-2014-3646: KVM: guest DoS by an unprivileged user
due to the missing handling of the VM exits for invept and invvpid.
(impact: moderate, guest DoS with certain Intel processors)
* CVE-2014-3185: local DoS/privilege escalation due to a memory corruption
in the USB ConnectTech WhiteHEAT serial driver (impact: moderate).
* BZ#
1148693: virtio-net: kernel was unable to boot with the mgr_rxbuf=off
option specified
* BZ#
1149083: possible kernel panic when using one of the newer IPSec
authentication header (AH) algorithms with Openswan.
* BZ#
1142570: possible DoS due to the race between PCI error recovery
and ifup/ifdown commands in the tg3 driver.
* BZ#
1149578: kernel panic when an IPMI interface was removed using
the hotmod scrpit.
* BZ#
1149580: possible kernel panic when adding an IPMI interface that
was previously removed using the hotmod script.
* BZ#
1145193: GFS2 failed to unmount a sub-mounted GFS2 file system if
its parent was also a GFS2 file system.
Change-Id: Ia6c60a039ed4c9b35b76600a89935a907c1a1b21
Related-bug: #
1395586
Related-bug: #
1395607