LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LWN.net Weekly Edition for September 4, 2008

The Kernel Hacker's Bookshelf: UNIX Internals

DRI, BSD, and Linux

SCHED_FIFO and realtime throttling

LWN.net Weekly Edition for August 28, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Fedora alert FEDORA-2008-1423 (kernel)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 8 Update: kernel-2.6.23.15-137.fc8


Date:
    	      Mon, 11 Feb 2008 15:39:28 -0700


Message-ID:
    	      <200802112239.m1BMcVxb005231@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-1423
2008-02-11 20:30:09.696513
--------------------------------------------------------------------------------

Name        : kernel
Product     : Fedora 8
Version     : 2.6.23.15
Release     : 137.fc8
URL         : http://www.kernel.org/
Summary     : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

--------------------------------------------------------------------------------
Update Information:

Update to Linux kernel 2.6.23.15:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6...    Fix vmsplice
local root vulnerability:  CVE-2008-0009: Fixed by update to 2.6.23.15.
CVE-2008-0010: Fixed by update to 2.6.23.15.  CVE-2008-0600: Extra fix from
upstream applied.    Fix memory leak in netlabel code.  Work around broken
Seagate LBA48 disks. (#429364)  Fix futex oops on uniprocessor machine.
(#429412)  Add support for new Macbook touchpads. (#426574)  Fix the initio
driver broken in 2.6.23. (#390531)  Fix segfaults from using vdso=2. (#427641)
FireWire updates, fixing multiple problems. (#429598)  ACPI: fix multiple
problems with brightness controls (#427518)  Fix Megahertz PCMCIA Ethernet
adapter (#233255)  Fix oops in netfilter. (#430663)  ACPI: fix early init of EC
(#426480)  ALSA: fix audio on some systems with STAC codec (#431360)  Atheros L2
fast Ethernet driver (atl2) for ASUS Eeepc.  ASUS Eeepc ACPI hotkey driver.
Wireless driver updates from upstream.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Feb 10 2008 Dave Airlie <airlied@redhat.com> 2.6.23.15-137
- CVE-2008-0600 - remote root vulnerability in vmsplice
* Fri Feb  8 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.15-136
- Linux 2.6.23.15
- Fix Megahertz PCMCIA Ethernet adapter (#233255)
* Wed Feb  6 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-135
- Bump version.
* Wed Feb  6 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-134
- Use the upstream fix for futex locking.
- Fix oops in netfilter (#430663)
* Tue Feb  5 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-133
- ACPI: fix early init of EC (#426480)
* Tue Feb  5 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-132
- ACPI: fix multiple problems with brightness controls (#427518)
* Tue Feb  5 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-131
- ALSA: fix audio on some systems with STAC codec (#431360)
* Tue Feb  5 2008 Jarod Wilson <jwilson@redhat.com> 2.6.23.14-130
- Pull in additional firewire fixes from upstream. Should resolve
  most 'giving up on config rom' problems (#429598).
* Tue Feb  5 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-129
- ASUS Eeepc hotkey ACPI driver.
* Thu Jan 31 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-128
- Strip extra leading slashes from path names in selinux.
* Thu Jan 31 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-127
- Added Atheros L2 fast Ethernet driver (atl2).
* Wed Jan 30 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-125
- Fix segfaults from using vdso=2 (#427641)
* Fri Jan 25 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-124
- Unset CONFIG_USB_DEVICE_CLASS (#362221)
* Fri Jan 25 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-123
- Fix the initio driver broken in 2.6.23. (#390531)
* Fri Jan 25 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-122
- Drop obsolete ptrace patch.
* Fri Jan 25 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-121
- Add support for new Macbook touchpads (#426574)
* Wed Jan 23 2008 John W. Linville <linville@redhat.com> 2.6.23.14-120
- bump release to get around Koji wierdness
* Wed Jan 23 2008 John W. Linville <linville@redhat.com> 2.6.23.14-119
- Latest wireless updates from upstream
- Remove obsolete ath5k and rtl8180 patches
- Add rndis_wext driver
* Tue Jan 22 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-118
- Fix futex oops on uniprocessor machine. (#429412)
* Tue Jan 22 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-117
- Work around broken Seagate LBA48 disks (#429364)
* Tue Jan 22 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-116
- Fix memory leak in netlabel code (F7#352281)
* Mon Jan 21 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-115
- No change, just increment release.
* Sat Jan 19 2008 Kyle McMartin <kmcmartin@redhat.com> 2.6.23.14-114
- Revert CONFIG_PHYSICAL_START on x86_64.
* Fri Jan 18 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-113
- Fix loss of mouse sync on some systems (#427697)
- Revert "libata: allow short SCSI commands for ATAPI devices" (F7#429353)
* Thu Jan 17 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.14-112
- Set x86 CONFIG_PHYSICAL_START=0x400000
* Thu Jan 17 2008 John W. Linville <linville@redhat.com> 2.6.23.14-111
- More wireless fixes headed for 2.6.24
- More wireless updates headed for 2.6.25
* Thu Jan 17 2008 Dave Airlie <airlied@redhat.com> 2.6.23.14-108
- update r500 patch to not have duplicate pciids.
* Mon Jan 14 2008 Kyle McMartin <kmcmartin@redhat.com> 2.6.23.14-107
- Linux 2.6.23.14
* Fri Jan 11 2008 Jarod Wilson <jwilson@redhat.com> 2.6.23.13-106
- FireWire update, should enable iidc reception on all controllers
- Update lirc bits to latest upstream
* Thu Jan 10 2008 John W. Linville <linville@redhat.com> 2.6.23.13-105
- rt2500usb thinko fix
- b43 N phy pre-support updates
- ath5k cleanups and beacon fixes
* Wed Jan  9 2008 John W. Linville <linville@redhat.com> 2.6.23.13-104
- More wireless fixes for 2.6.24
- More wireless update for 2.6.25
- Enable CONFIG_NL80211
* Wed Jan  9 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.13-103
- Linux 2.6.23.13
* Tue Jan  8 2008 Chuck Ebbert <cebbert@redhat.com> 2.6.23.12-102
- Restore /proc/slabinfo (#396041)
* Fri Jan  4 2008 John W. Linville <linville@redhat.com> 2.6.23.12-101
- Another round of wireless fixes headed for 2.6.24
- Another round of wireless updates headed for 2.6.25
* Fri Dec 21 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.12-100
- USB: Use upstream version of the Huawei USB modem fix.
* Wed Dec 19 2007 John W. Linville <linville@redhat.com> 2.6.23.12-99
- Some wireless fixes headed for 2.6.24
- Some wireless updates headed for 2.6.25
* Tue Dec 18 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.12-98
- Linux 2.6.23.12
- Add fixed version of APM emulation patch removed in 2.6.23.10
* Sat Dec 15 2007 David Woodhouse <dwmw2@redhat.com> 2.6.23.10-97
- Fix IPv6 checksums for pasemi-mac
* Fri Dec 14 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.10-96
- Linux 2.6.23.10
* Fri Dec 14 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.9-95
- Update utrace to latest.
* Fri Dec 14 2007 David Woodhouse <dwmw2@redhat.com> 2.6.23.9-94
- Re-enable and fix pasemi-mac (and gpio-mdio)
* Fri Dec 14 2007 David Woodhouse <dwmw2@redhat.com> 2.6.23.9-91
- PA Semi platform fixes
- Fix OProfile on non-Cell ppc64
* Wed Dec 12 2007 Dave Airlie <airlied@redhat.com> 2.6.23.9-90
- fixup radeon r500 patch to apply to proper function
* Wed Dec 12 2007 Dave Airlie <airlied@redhat.com> 2.6.23.9-89
- Add support for r500 DRM for making 2D accel go faster
* Tue Dec 11 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.9-88
- Enable the USB IO-Warrior driver. (#419661)
- ALSA: snd-hda-intel: don't go into polling mode. (#417141)
* Mon Dec 10 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.9-87
- highres-timers: update to -hrt4 (#394981); includes hang fix
* Mon Dec 10 2007 John W. Linville <linville@redhat.com> 2.6.23.9-86
- add module alias for "zd1211rw-mac80211"
* Fri Dec  7 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.9-84
- highres-timers: fix possible hang
* Thu Dec  6 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.9-82
- libata: fix AHCI controller reset (#411171)
- ACPI: don't init EC early if it has no _INI method (#334781)
* Wed Dec  5 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.9-81
- Fix some cpuidle bugs, should fix hangs on startup.
* Wed Dec  5 2007 John W. Linville <linville@redhat.com> 2.6.23.9-80
- Some wireless driver bits headed for 2.6.25
* Tue Dec  4 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.9-79
- libata: fix ATAPI tape drives (#394961)
- libata: allow short SCSI commands for ATAPI devices
* Mon Dec  3 2007 Jarod Wilson <jwilson@redhat.com> 2.6.23.9-78
- Fix FireWire OHCI 1.1 regression introduced by 1.0 support
* Sat Dec  1 2007 John W. Linville <linville@redhat.com> 2.6.23.9-77
- Some wireless bits headed for 2.6.25
- Make ath5k use software WEP
* Fri Nov 30 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.9-76
- ALSA: fix missing controls on some drivers (#370821)
- ACPI: send initial button state on startup (#275651)
* Fri Nov 30 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.9-75
- Disable e1000 link power management (#400561)
* Fri Nov 30 2007 Jarod Wilson <jwilson@redhat.com> 2.6.23.9-74
- Improved FireWire OHCI 1.0 Isochronous Receive support (#344851)
* Fri Nov 30 2007 John W. Linville <linville@redhat.com> 2.6.23.9-73
- Some more wireless bits headed for 2.6.24
* Thu Nov 29 2007 John W. Linville <linville@redhat.com> 2.6.23.9-72
- Resync wireless bits headed for 2.6.24
- Resync wireless bits headed for 2.6.25
* Wed Nov 28 2007 David Woodhouse <dwmw2@redhat.com> 2.6.23.9-71
- Add support for MPC52xx FEC (again)
* Wed Nov 28 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.9-70
- Fix further bugs in init of Huawei USB modem (#253096)
- Fix libata handling of IO ready test (#389971)
* Wed Nov 28 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.9-69
- Add support for SiS 7019 audio for K12LTSP project
* Tue Nov 27 2007 Kyle McMartin <kmcmartin@redhat.com> 2.6.23.9-68
- Some USB disks spin themselves down automatically and need
  scsi_device.allow_restart enabled so they'll spin back up.
* Tue Nov 27 2007 John W. Linville <linville@redhat.com> 2.6.23.9-67
- Fix NULL ptr reference in iwlwifi (CVE-2007-5938)
* Tue Nov 27 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.9-66
- ALSA 1.0.15 20071120
* Mon Nov 26 2007 Kyle McMartin <kmcmartin@redhat.com> 2.6.23.9-65
- Linux 2.6.23.9
* Mon Nov 26 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.8-64
- Set CONFIG_USB_DEVICE_CLASS (#397571)
* Wed Nov 21 2007 John W. Linville <linville@redhat.com> 2.6.23.8-63
- Revise b43 rev D support (new upstream patch)
- Restore ability to add/remove virtual i/fs to mac80211 devices
* Tue Nov 20 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.8-62
- Linux 2.6.23.9-rc1
* Mon Nov 19 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.8-61
- Fix oops in netfilter NAT module (#259501)
* Mon Nov 19 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.8-60
- libata: fix resume on some systems
- libata: fix pata_serverworks with some drive combinations
* Mon Nov 19 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.8-59
- Linux 2.6.23.8
* Thu Nov 15 2007 John W. Linville <linville@redhat.com> 2.6.23.1-56
- wireless fixes from 2.6.24
- wireless updates destined for 2.6.25
- ath5k driver updates
- add rtl8180 driver
- enable libertas driver
- add experimental b43 rev D support
* Thu Nov 15 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.1-55
- Add DMI based autoloading for the Dell dcdbas driver (#248257)
* Wed Nov 14 2007 Jarod Wilson <jwilson@redhat.com> 2.6.23.1-54
- Initial FireWire OHCI 1.0 Isochronous Receive support (#344851)
* Tue Nov 13 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.1-53
- Disable precise CPU time accounting, fixing a divide-by-zero bug.
- Disable transparent PCI bridge resizing.
* Tue Nov 13 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.1-52
- Add touchpad support for Dell Vostro 1400 and Thinkpad R61 (#375471)
* Tue Nov 13 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.1-51
- Fix completely broken sata_sis libata driver (#365331)
* Fri Nov  9 2007 Eric Paris <eparis@redhat.com> 2.6.23.1-50
- Fix loop iteration problem in selinux ebitmap code
* Thu Nov  8 2007 John W. Linville <linville@redhat.com> 2.6.23.1-49
- Resync wireless bits from current upstream
* Wed Nov  7 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.1-48
- md/raid5: fix misapplication of previous patch
- net: fix panic removing devices from teql secheduler
- net: fix oops in l2tp transmit and receive
- nfs: fix writeback race causing data corruption
- x86 setup: fix boot on 486DX4 processor
* Tue Nov  6 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.1-47
- update utrace
* Tue Nov  6 2007 Chuck Ebbert <cebbert@redhat.com> 2.6.23.1-46
- ALSA updates:
   hda: revert STAC92XX volume control changes (#354981)
   hda: add STAC92XX DMIC support
   hda: disable shared stream on AD1986A
   cmipci: fix wrong definitions
- CIFS: fix corruption when server returns EAGAIN (#357001)
- ACPI: suspend/resume fixes
- drivers: restore platform driver modaliases
- x86: fix tsc clocksource calibration
- x86_64: fix global tlb flushing bug
- hidinput: add powerbook driver to x86_64 config (#358721)
- spider_net: fix hang
- mm: fix invalid ptrace access causing kernel hang
- direct-io: fix return of stale data after DIO write
- md/raid5: fix data corruption in some failure cases
- serial: add IDs for some new Wacom tablets (#352811)
* Tue Nov  6 2007 David Airlie <airlied@redhat.com> 2.6.23.1-44
- Fix bug 228414 - X hangs at startup with Radeon X800 GTO PCIe with DRI
* Sat Nov  3 2007 David Woodhouse <dwmw2@redhat.com> 2.6.23.1-43
- Apply PS3 EHCI workaround to make rebooting work when hci_usb is loaded
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #429364 - Seagate ata harddrive not readable, zero hardware sectors
        https://bugzilla.redhat.com/show_bug.cgi?id=429364
  [ 2 ] Bug #429412 - System OOPS on soundserver crash
        https://bugzilla.redhat.com/show_bug.cgi?id=429412
  [ 3 ] Bug #426574 - appletouch does not recognize trackpad in macbook 3.1
        https://bugzilla.redhat.com/show_bug.cgi?id=426574
  [ 4 ] Bug #390531 - initio driver does not recognize INI-9100UW card
        https://bugzilla.redhat.com/show_bug.cgi?id=390531
  [ 5 ] Bug #427641 - exec-shield GPF handler vs fixmap vDSO
        https://bugzilla.redhat.com/show_bug.cgi?id=427641
  [ 6 ] Bug #432229 - [SECURITY] CVE-2008-0600 local escalation of privilege
        https://bugzilla.redhat.com/show_bug.cgi?id=432229
  [ 7 ] Bug #427518 - ACPI video driver should validate brightness level before setting it via
_BCM
        https://bugzilla.redhat.com/show_bug.cgi?id=427518
  [ 8 ] Bug #233255 - Megahertz EM1144-T pcmcia ethernet adapter doesn't work
        https://bugzilla.redhat.com/show_bug.cgi?id=233255
  [ 9 ] Bug #430663 - kernel crash in nf_nat_move_storage
        https://bugzilla.redhat.com/show_bug.cgi?id=430663
  [ 10 ] Bug #426480 - 2.6.23.9-85.fc8 kernel brings out more ACPI errors info in dmesg on toshiba
laptop
        https://bugzilla.redhat.com/show_bug.cgi?id=426480
  [ 11 ] Bug #431360 - no sound on a dell inspiron 1420
        https://bugzilla.redhat.com/show_bug.cgi?id=431360
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds