User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2006-1221 (kernel)

From:  "Dave Jones" <davej@redhat.com>
To:  fedora-package-announce@redhat.com
Subject:  [SECURITY] Fedora Core 5 Update: kernel-2.6.18-1.2239.fc5
Date:  Fri, 10 Nov 2006 20:56:09 -0500

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2006-1221 2006-11-10 --------------------------------------------------------------------- Product : Fedora Core 5 Name : kernel Version : 2.6.18 Release : 1.2239.fc5 Summary : The Linux kernel (the core of the Linux operating system) Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. --------------------------------------------------------------------- Update Information: This updates to the latest upstream stable kernel (2.6.18.2), and also fixes a number of security issues. MOKB-05-11-2006: Linux 2.6.x ISO9660 __find_get_block_slow() denial of service http://projects.info-pull.com/mokb/MOKB-05-11-2006.html (CVE-2006-5757) MOKB-07-11-2006: Linux 2.6.x zlib_inflate memory corruption http://projects.info-pull.com/mokb/MOKB-07-11-2006.html MOKB-09-11-2006: Linux 2.6.x ext3fs_dirhash denial of service http://projects.info-pull.com/mokb/MOKB-10-11-2006.html Herbert Xu found a security issue in the Xen hypervisor, which would allow a malicious guest to access a freed grant table page after freeing and possibly having it reallocated to another guest. --------------------------------------------------------------------- * Fri Nov 10 2006 Juan Quintela <quintela@redhat.com> - disable XEN_FRAMEBUFFER & XEN_KEYBOARD. * Fri Nov 10 2006 Dave Jones <davej@redhat.com> - Xen grant table operations security fix. - Disable W1 (#195825) * Thu Nov 9 2006 Dave Jones <davej@redhat.com> - Change HZ to 1000 for increased accuracy. (Except in Xen, where it stays at 250 for now). - TTY locking fixes. - splice : Must fully check for FIFO - Fix potential NULL dereference in sys_move_pages - ISO9660 __find_get_block_slow() denial of service CVE-2006-5757 - Fix up oops in cramfs when encountering corrupt images. - E1000 suspend/resume fixes. - Set CIFS preferred IO size. (#214607) * Mon Nov 6 2006 Roland McGrath <roland@redhat.com> - New utrace patch: fix locking snafu crash on second engine attach. * Sun Nov 5 2006 Dave Jones <davej@redhat.com> - Suspend/Resume fixes for forcedeth. (#187653) * Sat Nov 4 2006 Dave Jones <davej@redhat.com> - 2.6.18.2 * Thu Nov 2 2006 Dave Jones <davej@redhat.com> - Nuke broken lazy execshield xen patch. - Use heuristics to determine whether to enable lapic on i386. * Wed Nov 1 2006 Dave Jones <davej@redhat.com> - 2.6.18.2-rc1 * Tue Oct 31 2006 Dave Jones <davej@redhat.com> - Fix UFS mounts on x86-64 (#209921) - Fix problem where USB storage isn't seen on reboot. (#212191) * Sun Oct 29 2006 Dave Jones <davej@redhat.com> - More ext3 robustness fixes. - Include more verbose BUG() data - x86_64: Fix up C3 timer latency. * Sat Oct 21 2006 Dave Jones <davej@redhat.com> - Reenable NCPFS (#211325, #203663) - Netpoll fixes. (#199295) * Fri Oct 20 2006 Dave Jones <davej@redhat.com> - Fix autofs creating bad dentries in NFS mount. (#211206, #211207) - Fix softlockup with ips driver. (#196437) - Further exec-shield improvements. - Fix lockup with sky2 driver. (#202203) * Thu Oct 19 2006 Dave Jones <davej@redhat.com> - Export copy_4K_page for ppc64 (#211410) - Attempt to fix CIFS bug (#211070) * Wed Oct 18 2006 Dave Jones <davej@redhat.com> - Fix up aic7xxx SBLKCTL register handling (#211251) - Disable SECMARK by default. (#211115) - Disable some extra debugging stuff that crept in. - Remove broken VIA quirk that prevented booting on some EPIAs (#211298) * Tue Oct 17 2006 Dave Jones <davej@redhat.com> - Silence noisy boot-time messages. (#180606) - Workaround gcc bug with weak symbols (#191458) - Don't let speedstep-smi register on mobile Pentium4 (#204477) * Sat Oct 14 2006 Dave Jones <davej@redhat.com> - Fix jbd crash with 1KB block size filesystems. * Sat Oct 14 2006 Dave Jones <davej@redhat.com> [2.6.18-1.2200.fc5] - 2.6.18.1 * Tue Oct 10 2006 Dave Jones <davej@redhat.com> - DWARF2 unwinder fixes. - Various lockdep fixes. - Sync various other patches from the FC6 kernel. * Sun Oct 1 2006 Dave Jones <davej@redhat.com> - Drop the STICKY tag from acpi-cpufreq, it breaks suspend/resume. * Fri Sep 29 2006 Dave Jones <davej@redhat.com> - Execshield improvements. (Bart Oldeman) - Disable PM_DEBUG * Thu Sep 28 2006 Roland McGrath <roland@redhat.com> - utrace typo fix for x86-64 watchpoints (#207467) * Thu Sep 28 2006 Dave Jones <davej@redhat.com> - Fix ISAPNP messages on ppc32. (#207641) * Thu Sep 28 2006 Dave Jones <davej@redhat.com> - Another day, another round of lockdep fixes. - Align kernel data segment to page boundary. (#206863) * Thu Sep 28 2006 Steven Whitehouse <swhiteho@redhat.com> - New GFS2 patch * Thu Sep 28 2006 Dave Jones <davej@redhat.com> - Fix "kernel BUG at fs/buffer.c:2789!" bug * Wed Sep 27 2006 Dave Jones <davej@redhat.com> - yet more lockdep fixes. - Fix a problem with XFS & the inode diet patches. - Fix rpc_pipefs umount oops - Enable alternative TCP congestion algorithms. * Tue Sep 26 2006 Dave Jones <davej@redhat.com> - Enable serverworks IDE driver for x86-64. - More lockdep fixes. * Mon Sep 25 2006 Jarod Wilson <jwilson@redhat.com> - Make kernel packages own initrd files * Mon Sep 25 2006 John W. Linville <linville@redhat.com> - Add periodic work fix for bcm43xx driver * Sat Sep 23 2006 Dave Jones <davej@redhat.com> - Disable dgrs driver. * Thu Sep 21 2006 Dave Jones <davej@redhat.com> - reiserfs: make sure all dentry refs are released before calling kill_block_super - Fix up some compile warnings * Thu Sep 21 2006 Juan Quintela <quintela@redhat.com> - re-enable xen. - update xen: * linux-2.6 changeset: 34294:dc1d277d06e0 * linux-2.6-xen-fedora changeset: 36184:47c098fdce14 * xen-unstable changeset: 11540:9837ff37e354 - update xen HV to changeset: 11540:9837ff37e354 - xen HV printf rate limit (rostedt). * Wed Sep 20 2006 Dave Jones <davej@redhat.com> - 2.6.18 - i965 AGP suspend support. - AGP x8 fixes. * Tue Sep 19 2006 Juan Quintela <quintela@redhat.com> - updated xen configs to sync with rawhide ones (don't be afraid, xen0/xenU still around). - xen update. * linux-2.6 changeset: 34228:ea3369ba1e2c * linux-2.6-xen-fedora changeset: 36109:eefcfd07d102 * linux-2.6-xen changeset: 22905:d8ae02f7df05 * xen-unstable changeset: 11460:1ece34466781ec55f41fd29d53f6dafd208ba2fa * Mon Sep 18 2006 Dave Jones <davej@redhat.com> - Bring back 586smp - Fix RTC lockdep bug. (Peter Zijlstra) * Mon Sep 18 2006 Juan Quintela <quintela@redhat.com> - xen HV update (cset 11470:2b8dc69744e3). * Sun Sep 17 2006 Juan Quintela <quintela@redhat.com> - xen update: * linux-2.6 changeset: 34228:ea3369ba1e2c * linux-2.6-xen-fedora changeset: 36107:47256dbb1583 * linux-2.6-xen changeset: 22905:d8ae02f7df05 * xen-unstable changeset: 11460:1ece34466781ec55f41fd29d53f6dafd208ba2fa * Sun Sep 17 2006 Dave Jones <davej@redhat.com> - Rebase to 2.6.18rc7-git2 * Mon Sep 11 2006 Dave Jones <davej@redhat.com> [2.6.17-1.2187_FC5] - Add quirk for Samsung mp3 player. (#198128) * Sun Sep 10 2006 Dave Jones <davej@redhat.com> - Fix up mismerge in USB storage driver. * Sat Sep 9 2006 Dave Jones <davej@redhat.com> - 2.6.17.13 * Fri Sep 8 2006 Dave Jones <davej@redhat.com> - 2.6.17.12 * Thu Aug 24 2006 Jarod Wilson <jwilson@redhat.com> - update to 2.6.17.11 * Tue Aug 22 2006 Bill Nottingham <notting@redhat.com> - update to 2.6.17.10« * Tue Aug 15 2006 Juan Quintela <quintela@redhat.com> - linux-2.6-xen update * linux-2.6.17-xen cset changeset: 29033:e6adb54afb96 * linux-2.6-xen cset 22813:80c2ccf5c330 - s/xen_version/xen_hv_cset/ as Fedora. - update xen hv to cset 11061. * Mon Aug 7 2006 Mike Christie <mchristi@redhat.com> - Drop iscsi update patch. * Mon Aug 7 2006 Dave Jones <davej@redhat.com> - 2.6.17.8 * Fri Aug 4 2006 Dave Jones <davej@redhat.com> - Fix split lock patch for 64bit. * Fri Aug 4 2006 Dave Jones <davej@redhat.com> [2.6.17-1.2171_FC5] - 2.6.17.8rc1 * Wed Aug 2 2006 Dave Jones <davej@redhat.com> - Readd patch to allow 460800 baud on 16C950 UARTs * Sat Jul 29 2006 Dave Jones <davej@redhat.com> - Silence noisy SCSI ioctl. (#200638) * Fri Jul 28 2006 Dave Jones <davej@redhat.com> - 2.6.17.7 * Thu Jul 27 2006 Rik van Riel <riel@redhat.com> - reduce hypervisor stack use with -O2, this really fixes bug (#198932) * Tue Jul 25 2006 Rik van Riel <riel@redhat.com> - disable debug=y hypervisor build option because of stack overflow (#198932) * Tue Jul 25 2006 Dave Jones <davej@redhat.com> - Enable serio_raw (#199387) * Sun Jul 16 2006 Dave Jones <davej@redhat.com> - Support up to 4GB in the 586 kernel again. * Sun Jul 16 2006 Dave Jones <davej@redhat.com> - 2.6.17.6 * Fri Jul 14 2006 Dave Jones <davej@redhat.com> - Reenable SMC NIC driver. * Tue Jul 11 2006 Dave Jones <davej@redhat.com> - 2.6.17.4 - Disable split pagetable lock * Sat Jul 8 2006 Juan Quintela <quintela@redhat.com> - enable CONFIG_CRASH on xen kernels. - enable CONFIG_PCIDEV_BACKEND on xen kernels. - make BLKDEV_FRONTEND a module on xen kernels. - rebase with linux-2.6-xen-fedora 28918. - Update to xen-unstable HV cset 10508. - xen: credit scheduler is the default now. * Wed Jul 5 2006 Dave Jones <davej@redhat.com> - Get rid of stack backtrace on panic, which in most cases actually caused a loss of info instead of a gain. * Tue Jul 4 2006 Juan Quintela <quintela@redhat.com> - new merge with xen upstream. - xen kernel don't require xen userland. - new xen kernel (same as rawhide one) with PAE support. - removed xen0-PAE & xenU-PAE (see xen kernel). * Fri Jun 30 2006 Dave Jones <davej@redhat.com> - 2.6.17.3 - 2.6.17.2 - Fix the ALSA list_add bug. * Mon Jun 26 2006 Dave Jones <davej@redhat.com> - Enable fake PCI hotplug driver. (#190437) - Enable gameport/joystick on i586 builds. (#196581) * Sat Jun 24 2006 Dave Jones <davej@redhat.com> - Enable profiling for 586 kernels. * Fri Jun 23 2006 Dave Jones <davej@redhat.com> - Make 'quiet' work again. * Tue Jun 20 2006 Dave Jones <davej@redhat.com> [2.6.17-1.2139_FC5] - Rebuild with slab debug off. * Tue Jun 20 2006 Dave Jones <davej@redhat.com> [2.6.17-1.2138_FC5] - 2.6.17.1 * Sun Jun 18 2006 Dave Jones <davej@redhat.com> - 2.6.17 - Only print info about SMP alternatives on SMP kernels. * Tue Jun 6 2006 Dave Jones <davej@redhat.com> [2.6.16-1.2133_FC5] - Add a PPC64 kdump kernel. * Mon Jun 5 2006 Dave Jones <davej@redhat.com> [2.6.16-1.2132_FC5] - 2.6.16.20 * Thu Jun 1 2006 Dave Jones <davej@redhat.com> - Reenable Xen builds. * Tue May 30 2006 Dave Jones <davej@redhat.com> - 2.6.16.19 * Sun May 28 2006 Dave Jones <davej@redhat.com> - Fix unresolved symbol. (#193333) * Sat May 27 2006 Dave Jones <davej@redhat.com> - Improve list corruption debugging patch. * Fri May 26 2006 Dave Jones <davej@redhat.com> - Remove xenU initrd's when kernel is removed. * Fri May 26 2006 Juan Quintela <quintela@redhat.com> - Remove ARCH=xen reminiscences on spec file --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/u... 09e0eb5e1fdae3dbbac7c5b6bb97fc83dce7e79d SRPMS/kernel-2.6.18-1.2239.fc5.src.rpm 09e0eb5e1fdae3dbbac7c5b6bb97fc83dce7e79d noarch/kernel-2.6.18-1.2239.fc5.src.rpm ab6e6892988d169fc7357a527db0473c77745d20 ppc/kernel-smp-2.6.18-1.2239.fc5.ppc.rpm 5ed7b34f558e65e5a6857f6de99029c9f463ff6a ppc/kernel-devel-2.6.18-1.2239.fc5.ppc.rpm ed976f0d8ea7554406a38c71f95122a471c1b72e ppc/kernel-2.6.18-1.2239.fc5.ppc.rpm 84e185286c4614d77ff9b0e4bc916776d461ca23 ppc/kernel-smp-devel-2.6.18-1.2239.fc5.ppc.rpm 5baf20cd1ab8ed50632e8a34439315fbb18b92bf ppc/debug/kernel-debuginfo-2.6.18-1.2239.fc5.ppc.rpm f24bb7e4fec4bcea364f0269b8361ea08c8b518d ppc/kernel-doc-2.6.18-1.2239.fc5.noarch.rpm d931ee827cf0b8df5d8f207b71164faee0954045 x86_64/kernel-xen0-2.6.18-1.2239.fc5.x86_64.rpm f6862f1d88fdb106b08144a2e58871262544a01e x86_64/kernel-kdump-devel-2.6.18-1.2239.fc5.x86_64.rpm 320165993d25fc0a3aea062c460703d723a1f108 x86_64/kernel-xen-devel-2.6.18-1.2239.fc5.x86_64.rpm d60232c018b8ec9bedd6ab99144f71bc6c93abb8 x86_64/kernel-devel-2.6.18-1.2239.fc5.x86_64.rpm 730f4ad90872a663c060f52bfdc68aecedef7b6f x86_64/kernel-xen-2.6.18-1.2239.fc5.x86_64.rpm af3d00a7a13b152939f1eee86049dc3115dc2abd x86_64/kernel-kdump-2.6.18-1.2239.fc5.x86_64.rpm 8f79318c45de1e4aab09ca79f2943ca95793381c x86_64/debug/kernel-debuginfo-2.6.18-1.2239.fc5.x86_64.rpm 82e6e6c97ce43c05510ac132f5a8bdc577caf40f x86_64/kernel-xenU-devel-2.6.18-1.2239.fc5.x86_64.rpm ac36533a48712b9615f99cb108ebb13a892c1479 x86_64/kernel-2.6.18-1.2239.fc5.x86_64.rpm ca3b1e28bdd8b5b0266ac886131b5a2856986bea x86_64/kernel-xen0-devel-2.6.18-1.2239.fc5.x86_64.rpm 78f8e6efb6c87c808b9bab97fc822848bd00163d x86_64/kernel-xenU-2.6.18-1.2239.fc5.x86_64.rpm f24bb7e4fec4bcea364f0269b8361ea08c8b518d x86_64/kernel-doc-2.6.18-1.2239.fc5.noarch.rpm e48dadba1f40a1fd520beb25233b81366851c98b i386/kernel-2.6.18-1.2239.fc5.i586.rpm b56df17cebcb26dee7787dd4e34e3e9cc984cd89 i386/kernel-smp-2.6.18-1.2239.fc5.i586.rpm aed3a5533294e311ca96318e43894b2320e7f023 i386/kernel-devel-2.6.18-1.2239.fc5.i586.rpm f356317658dacc6721979368d83e3c9bed21e561 i386/debug/kernel-debuginfo-2.6.18-1.2239.fc5.i586.rpm d844b2c1dccec6c2d3f90321a9087b0fecf01552 i386/kernel-smp-devel-2.6.18-1.2239.fc5.i586.rpm ffd844fab6dd2acbaa84802fa866d94419cf6113 i386/kernel-2.6.18-1.2239.fc5.i686.rpm 5dc59f46885d1a17497803f4b08bd7082213c97c i386/kernel-devel-2.6.18-1.2239.fc5.i686.rpm d2f50e0091c45a68fd4dc74d81a558c38f99adbd i386/kernel-xen0-2.6.18-1.2239.fc5.i686.rpm 4a8bdf206606cd73a97ddafa1b6641424505accf i386/kernel-xen-devel-2.6.18-1.2239.fc5.i686.rpm 2b15c8764e23696896b9c83ee0bd2fbea7bc6127 i386/kernel-kdump-devel-2.6.18-1.2239.fc5.i686.rpm 95ea6cac7b03520976a3bfe4fb43ba4c2cf40a1d i386/kernel-xen-2.6.18-1.2239.fc5.i686.rpm 03f60a5f1ebeebc06b71d7d9ffd378ac05282da9 i386/kernel-xenU-devel-2.6.18-1.2239.fc5.i686.rpm 8cb30b3721100e609a56358e9c73bf4b54a60eaa i386/kernel-xenU-2.6.18-1.2239.fc5.i686.rpm e6774742d0cf819d2f7f17652bf0df673a6636f1 i386/kernel-smp-2.6.18-1.2239.fc5.i686.rpm 94d232f90b0a002aa37438ce9d7e830f3250c142 i386/kernel-kdump-2.6.18-1.2239.fc5.i686.rpm af58a9f01c0fed87e07623a50839867c21fb2615 i386/kernel-xen0-devel-2.6.18-1.2239.fc5.i686.rpm 4910b3ee467965e7bd3f1eba0b26a68fd656e1d1 i386/kernel-smp-devel-2.6.18-1.2239.fc5.i686.rpm b28fd2d22f215a8e3aed1ce4a85614888737a56a i386/debug/kernel-debuginfo-2.6.18-1.2239.fc5.i686.rpm f24bb7e4fec4bcea364f0269b8361ea08c8b518d i386/kernel-doc-2.6.18-1.2239.fc5.noarch.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-ann...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds