User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2013-22695 (kernel)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 18 Update: kernel-3.11.10-100.fc18
Date:  Tue, 10 Dec 2013 06:16:37 +0000
Message-ID:  <20131210061637.DA71D21D19@bastion01.phx2.fedoraproject.org>
Archive-link:  Article, Thread

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-22695 2013-12-04 06:15:26 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 18 Version : 3.11.10 Release : 100.fc18 URL : http://www.kernel.org/ Summary : The Linux kernel Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. -------------------------------------------------------------------------------- Update Information: The 3.11.10 stable update contains a number of important fixes across the tree -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 30 2013 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2013-6405 net: leak of uninited mem to userspace via recv syscalls (rhbz 1035875 1035887) * Fri Nov 29 2013 Josh Boyer <jwboyer@fedoraproject.org> - 3.11.10-100 - Linux v3.11.10 - Fix memory leak in qxl (from Dave Airlie) * Tue Nov 26 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add patch to fix usbnet URB handling (rhbz 998342) - Fix crash in via-velocity driver (rhbz 1022733) - CVE-2013-6382 xfs: missing check for ZERO_SIZE_PTR (rhbz 1033603 1034670) * Mon Nov 25 2013 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2013-6380 aacraid: invalid pointer dereference (rhbz 1033593 1034304) - CVE-2013-6378 libertas: potential oops in debugfs (rhbz 1033578 1034183) * Fri Nov 22 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add patches from Jeff Layton to fix 15sec NFS mount hang * Wed Nov 20 2013 Josh Boyer <jwboyer@fedoraproject.org> - 3.11.9-100 - Linux v3.11.9 * Mon Nov 18 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add patch to fix rhel5.9 KVM guests (rhbz 967652) - Add patch to fix crash from slab when using md-raid mirrors (rhbz 1031086) - Add patches from Pierre Ossman to fix 24Hz/24p radeon audio (rhbz 1010679) - Add patch to fix ALX phy issues after resume (rhbz 1011362) - Fix ipv6 sit panic with packet size > mtu (from Michele Baldessari) (rbhz 1015905) * Thu Nov 14 2013 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2013-4563: net: large udp packet over IPv6 over UFO-enabled device with TBF qdisc panic (rhbz 1030015 1030017) * Wed Nov 13 2013 Justin M. Forbes <jforbes@fedoraproject.org> - 3.11.8-100 - Linux v3.11.8 * Sat Nov 9 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add patch from Daniel Stone to avoid high order allocations in evdev - Add qxl backport fixes from Dave Airlie * Mon Nov 4 2013 Josh Boyer <jwboyer@fedoraproject.org> - 3.11.7-100 - Add patch to fix iwlwifi queue settings backtrace (rhbz 1025769) * Mon Nov 4 2013 Justin M. Forbes <jforbes@fedoraproject.org> - Linux v3.11.7 * Fri Nov 1 2013 Josh Boyer <jwboyer@fedoraproject.org> - 3.11.6-101 - Revert blocking patches causing systemd to crash on resume (rhbz 1010603) - CVE-2013-4348 net: deadloop path in skb_flow_dissect (rhbz 1007939 1025647) * Thu Oct 31 2013 Josh Boyer <jwboyer@fedoraprorject.org> - Fix display regression on Dell XPS 13 machines (rhbz 995782) * Tue Oct 29 2013 Josh Boyer <jwboyer@fedoraproject.org> - Fix plaintext auth regression in cifs (rhbz 1011621) * Fri Oct 25 2013 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2013-4470 net: memory corruption with UDP_CORK and UFO (rhbz 1023477 1023495) - Add touchpad support for Dell XT2 (rhbz 1023413) * Tue Oct 22 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add patch to fix warning in tcp_fastretrans_alert (rhbz 989251) * Fri Oct 18 2013 Justin M. Forbes <jforbes@fedoraproject.org> - 3.11.6-100 - Linux v3.11.6 * Thu Oct 17 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add patch to fix BusLogic error (rhbz 1015558) - Fix rt2800usb polling timeouts and throughput issues (rhbz 984696) * Wed Oct 16 2013 Josh Boyer <jwboyer@fedoraproject.org> - Fix btrfs balance/scrub issue (rhbz 1011714) * Tue Oct 15 2013 Josh Boyer <jwboyer@fedoraproject.org> - Fix regression in radeon sound (rhbz 1010679) * Mon Oct 14 2013 Kyle McMartin <kyle@redhat.com> - Fix crash-driver.patch to properly use page_is_ram. * Mon Oct 14 2013 Justin M. Forbes <jforbes@fedoraproject.org> - 3.11.5-100 - Linux v3.11.5 * Fri Oct 11 2013 Josh Boyer <jwboyer@fedoraproject.org> - Fix segfault in cpupower set (rhbz 1000439) * Thu Oct 10 2013 Justin M. Forbes <jforbes@fedoraproject.org> - 3.11.4-101 - Fix linux-firmware requirement * Thu Oct 10 2013 Josh Boyer <jwboyer@fedoraproject.org> - USB OHCI accept very late isochronous URBs (in 3.11.4) (rhbz 975158) - Fix large order allocation in dm mq policy (rhbz 993744) * Wed Oct 9 2013 Josh Boyer <jwboyer@fedoraproject.org> - Don't trigger a stack trace on crashing iwlwifi firmware (rhbz 896695) - Add patch to fix VFIO IOMMU crash (rhbz 998732) * Tue Oct 8 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add patch to fix nouveau crash (rhbz 1015920) * Tue Oct 8 2013 Justin M. Forbes <jforbes@fedoraproject.org> - Linux v3.11.4 - Add missing 3.11 patches from F19 * Tue Oct 8 2013 Josh Boyer <jwboyer@fedoraproject.org> - Quiet irq remapping stack trace (rhbz 982153) - Use RCU safe kfree for conntrack (rhbz 1015989) * Fri Oct 4 2013 Justin M. Forbes <jforbes@fedoraproject.org> 3.10.14-100 - Linux v3.10.14 * Thu Oct 3 2013 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2013-4387 ipv6: panic when UFO=On for an interface (rhbz 1011927 1015166) * Mon Sep 30 2013 Josh Boyer <jwboyer@fedoraproject.org> - Drop VC_MUTE patch (rhbz 859485) * Fri Sep 27 2013 Justin M. Forbes <jforbes@fedoraproject.org> 3.10.13-101 - Bump and tag for build * Fri Sep 27 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add HID revert patch to fix logitech unifying devices (rhbz 1013000) - Add patches to fix soft lockup from elevator changes (rhbz 902012) * Fri Sep 27 2013 Justin M. Forbes <jforbes@fedoraproject.org> 3.10.13-100 - Linux v3.10.13 * Mon Sep 23 2013 Neil Horman <nhorman@redhat.com> - Add alb learning packet config knob (rhbz 971893) * Fri Sep 20 2013 Josh Boyer <jwboyer@fedoraproject.org> - Fix multimedia keys on Genius GX keyboard (rhbz 928561) * Tue Sep 17 2013 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2013-4345 ansi_cprng: off by one error in non-block size request (rhbz 1007690 1009136) * Mon Sep 16 2013 Justin M. Forbes <jforbes@fedoraproject.org> 3.10.12-100 - Linux v3.10.12 * Fri Sep 13 2013 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2013-4350 net: sctp: ipv6 ipsec encryption bug in sctp_v6_xmit (rhbz 1007872 1007903) - CVE-2013-4343 net: use-after-free TUNSETIFF (rhbz 1007733 1007741) * Thu Sep 12 2013 Josh Boyer <jwboyer@fedoraproject.org> - Update HID CVE fixes to fix crash from lenovo-tpkbd driver (rhbz 1003998) * Wed Sep 11 2013 Neil Horman <nhorman@redhat.com> - Fix race in crypto larval lookup * Mon Sep 9 2013 Josh Boyer <jwboyer@fedoraproject.org> 3.10.11-100 - Fix system freeze due to incorrect rt2800 initialization (rhbz 1000679) * Mon Sep 9 2013 Justin M. Forbes <jforbes@fedoraproject.org> - Linux v3.10.11 * Fri Aug 30 2013 Josh Boyer <jwboyer@fedoraproject.org> - Fix HID CVEs. Absurd. - CVE-2013-2888 rhbz 1000451 1002543 CVE-2013-2889 rhbz 999890 1002548 - CVE-2013-2891 rhbz 999960 1002555 CVE-2013-2892 rhbz 1000429 1002570 - CVE-2013-2893 rhbz 1000414 1002575 CVE-2013-2894 rhbz 1000137 1002579 - CVE-2013-2895 rhbz 1000360 1002581 CVE-2013-2896 rhbz 1000494 1002594 - CVE-2013-2897 rhbz 1000536 1002600 CVE-2013-2899 rhbz 1000373 1002604 * Thu Aug 29 2013 Justin M. Forbes <jforbes@fedoraproject.org> 3.10.10-100 - Linux v3.10.10 * Wed Aug 28 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add mei patches that fix various s/r issues (rhbz 994824 989373) * Wed Aug 21 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add patch to fix brcmsmac oops (rhbz 989269) - CVE-2013-0343 handling of IPv6 temporary addresses (rhbz 914664 999380) * Tue Aug 20 2013 Josh Boyer <jwboyer@fedoraproject.org> - Linux v3.10.9 * Tue Aug 20 2013 Josh Boyer <jwboyer@fedoraproject.org> - 3.10.8-100 - Linux v3.10.8 - CVE-2013-4254 ARM: perf: NULL pointer dereference in validate_event (rhbz 998878 998881) * Fri Aug 16 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add patch from Nathanael Noblet to fix mic on Gateway LT27 (rhbz 845699) * Thu Aug 15 2013 Josh Boyer <jwboyer@redhat.com> - 3.10.7-100 - Add patch to fix regression on TeVII S471 devices (rhbz 963715) - Linux v3.10.7 * Mon Aug 12 2013 Justin M. Forbes <jforbes@redhat.com> 3.10.6-100 - Linux v3.10.6 * Wed Aug 7 2013 Justin M. Forbes <jforbes@redhat.com> 3.10.5-101 - Bump for rebuild after koji hiccup * Wed Aug 7 2013 Josh Boyer <jwboyer@redhat.com> - Add zero file length check to make sure pesign didn't fail (rhbz 991808) * Tue Aug 6 2013 Justin M. Forbes <jforbes@redhat.com> 3.10.5-100 - update s390x config [Dan HorĂ¡k] * Mon Aug 5 2013 Justin M. Forbes <jforbes@redhat.com> - Linux v3.10.5 * Thu Aug 1 2013 Peter Robinson <pbrobinson@fedoraproject.org> - 3.10.4-100 - Rebase ARM config * Thu Aug 1 2013 Justin M. Forbes <jforbes@redhat.com> - Update s390x config * Thu Aug 1 2013 Justin M. Forbes <jforbes@redhat.com> - Rebase to 3.10.4 dropped: debug-bad-pte-dmi.patch debug-bad-pte-modules.patch VMX-x86-handle-host-TSC-calibration-failure.patch ipv6-ip6_sk_dst_check-must-not-assume-ipv6-dst.patch af_key-fix-info-leaks-in-notify-messages.patch arm-tegra-fixclk.patch vhost-net-fix-use-after-free-in-vhost_net_flush.patch 0001-drivers-crypto-nx-fix-init-race-alignmasks-and-GCM-b.patch i7300_edac_single_mode_fixup.patch drivers-hwmon-nct6775.patch iwlwifi-pcie-fix-race-in-queue-unmapping.patch iwlwifi-pcie-wake-the-queue-if-stopped-when-being-unmapped.patch cve-2013-4125.patch iwlwifi-add-new-pci-id-for-6x35-series.patch ipv6-ip6_append_data_mtu-did-not-care-about-pmtudisc-and_frag_size.patch ipv6-call-udp_push_pending_frames-when-uncorking-a-socket-with-AF_INET-pending-data.patch * Thu Aug 1 2013 Josh Boyer <jwboyer@redhat.com> - Fix mac80211 connection issues (rhbz 981445) - Fix firmware issues with iwl4965 and rfkill (rhbz 977053) * Mon Jul 29 2013 Josh Boyer <jwboyer@redhat.com> - Add support for elantech v7 devices (rhbz 969473) * Fri Jul 26 2013 Josh Boyer <jwboyer@redhat.com> - Add patch to fix NULL deref in iwlwifi (rhbz 979581) * Wed Jul 24 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-4162 net: panic while pushing pending data out of a IPv6 socket with UDP_CORK enabled (rhbz 987627 987656) - CVE-2013-4163 net: panic while appending data to a corked IPv6 socket in ip6_append_data_mtu (rhbz 987633 987639) * Mon Jul 22 2013 Josh Boyer <jwboyer@redhat.com> - 3.9.11-200 - Fix timer issue in bridge code (rhbz 980254) - Add patch for iwlwifi 6x35 devices (rhbz 986538) - Linux v3.9.11 * Fri Jul 19 2013 Dave Jones <davej@redhat.com> - CVE-2013-4125 ipv6: BUG_ON in fib6_add_rt2node() (rhbz 984664) * Sat Jul 13 2013 Josh Boyer <jwboyer@redhat.com> - 3.9.10-200 - Linux v3.9.10 * Fri Jul 12 2013 Dave Jones <davej@redhat.com> - 3.9.9-203 - Disable LATENCYTOP/SCHEDSTATS in non-debug builds. * Fri Jul 12 2013 Josh Boyer <jwboyer@redhat.com> - Fix various overflow issues in ext4 (rhbz 976837) - Add iwlwifi fix for connection issue (rhbz 885407) * Fri Jul 5 2013 Josh Boyer <jwboyer@redhat.com> - Add report fixup for Genius Gila mouse from Benjamin Tissoires (rhbz 959721) - Add vhost-net use-after-free fix (rhbz 976789 980643) - Add fix for timer issue in bridge code (rhbz 980254) - CVE-2013-2232 ipv6: using ipv4 vs ipv6 structure during routing lookup in sendmsg (rhbz 981552 981564) * Wed Jul 3 2013 Josh Boyer <jwboyer@redhat.com> - 3.9.9-200 - CVE-2013-1059 libceph: Fix NULL pointer dereference in auth client code (rhbz 977356 980341) - CVE-2013-2234 net: information leak in AF_KEY notify (rhbz 980995 981007) - Linux v3.9.9 * Wed Jul 3 2013 Josh Boyer <jwboyer@redhat.com> - Add patches to fix iwl skb managment (rhbz 977040) * Thu Jun 27 2013 Justin M. Forbes <jforbes@redhat.com> - 3.9.8-200 - Linux v3.9.8 * Thu Jun 27 2013 Josh Boyer <jwboyer@redhat.com> - Fix stack memory usage for DMA in ath3k (rhbz 977558) * Wed Jun 26 2013 Josh Boyer <jwboyer@redhat.com> - Add two patches to fix bridge networking issues (rhbz 880035) * Mon Jun 24 2013 Josh Boyer <jwboyer@redhat.com> - Fix battery issue with bluetooth keyboards (rhbz 903741) * Fri Jun 21 2013 Josh Boyer <jwboyer@redhat.com> - Add two patches to fix iwlwifi issues in unmapping - Add patch to fix carl9170 oops (rhbz 967271) * Thu Jun 20 2013 Justin M. Forbes <jforbes@redhat.com> - 3.9.7-200 - Linux v3.9.7 * Wed Jun 19 2013 Mauro Carvalho Chehab - Add and enable upstream kernel driver for nct6775 sensors * Tue Jun 18 2013 Dave Jones <davej@redhat.com> - Disable MTRR sanitizer by default. * Thu Jun 13 2013 Josh Boyer <jwboyer@redhat.com> - 3.9.6-200 - Linux v3.9.6 * Wed Jun 12 2013 Josh Boyer <jwboyer@redhat.com> - Fix KVM divide by zero error (rhbz 969644) - Add fix for rt5390/rt3290 regression (rhbz 950735) * Tue Jun 11 2013 Josh Boyer <jwboyer@redhat.com> - 3.9.5-201 - Add patches to fix MTRR issues in 3.9.5 (rhbz 973185) - Add two patches to fix issues with vhost_net and macvlan (rhbz 954181) - CVE-2013-2164 information leak in cdrom driver (rhbz 973100 973109) * Mon Jun 10 2013 Josh Boyer <jwboyer@redhat.com> - 3.9.5-200 - Linux v3.9.5 * Fri Jun 7 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-2851 block: passing disk names as format strings (rhbz 969515 971662) - CVE-2013-2852 b43: format string leaking into error msgs (rhbz 969518 971665) * Thu Jun 6 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-2148 fanotify: info leak in copy_event_to_user (rhbz 971258 971261) - CVE-2013-2147 cpqarray/cciss: information leak via ioctl (rhbz 971242 971249) * Wed Jun 5 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-2140 xen: blkback: insufficient permission checks for BLKIF_OP_DISCARD (rhbz 971146 971148) * Mon Jun 3 2013 Josh Boyer <jwboyer@redhat.com> - Fix UEFI anti-bricking code (rhbz 964335) * Fri May 31 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-2850 iscsi-target: heap buffer overflow on large key error (rhbz 968036 969272) * Fri May 24 2013 Justin M. Forbes <jforbes@redhat.com> - 3.9.4-200 - Linux v3.9.4 * Fri May 24 2013 Josh Boyer <jwboyer@redhat.com> - Add patch to quiet irq remapping failures (rhbz 948262) * Thu May 23 2013 Josh Boyer <jwboyer@redhat.com> - Fix oops from incorrect rfkill set in hp-wmi (rhbz 964367) * Wed May 22 2013 Josh Boyer <jwboyer@redhat.com> - Fix memcmp error in iwlwifi * Tue May 21 2013 Josh Boyer <jwboyer@redhat.com> - 3.9.3-201 - Fix modules-extra signing with 3.9 kernels (rhbz 965181) * Mon May 20 2013 Josh Boyer <jwboyer@redhat.com> - 3.9.3-200 - Linux 3.9.3 - Update s390x config * Thu May 16 2013 Josh Boyer <jwboyer@redhat.com> - Fix config-local usage (rhbz 950841) * Mon May 13 2013 Dave Jones <davej@redhat.com> - 3.9.2-200 - Linux 3.9.2 * Fri May 10 2013 Dave Jones <davej@redhat.com> - 3.9.2-0.rc1.200 - Linux 3.9.2-rc1 * Thu May 9 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Disable PL330 on ARM as it's broken on highbank * Wed May 8 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Add the ARM patches needed for 3.9 :-/ * Wed May 8 2013 Dave Jones <davej@redhat.com> - 3.9.1-200 - Linux 3.9.1 * Wed May 8 2013 Josh Boyer <jwboyer@redhat.com> - Don't remove headers explicitly exported via UAPI (rhbz 959467) * Tue May 7 2013 Josh Boyer <jwboyer@redhat.com> - Fix dmesg_restrict patch to avoid regression (rhbz 952655) * Mon May 6 2013 Dave Jones <davej@redhat.com> - 3.9.1-0.rc1.201 - Linux 3.9.1-rc1 merged: wireless-regulatory-fix-channel-disabling-race-condition.patch merged: iwlwifi-fix-freeing-uninitialized-pointer.patch * Mon May 6 2013 Josh Boyer <jwboyer@redhat.com> - Rebase F18 secure-boot patchset to Linux v3.9 * Mon May 6 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Initial rebase of ARM to 3.9 * Mon May 6 2013 Dave Jones <davej@redhat.com> - 3.9.0-200 - Rebase to Linux 3.9 merged: silence-empty-ipi-mask-warning.patch merged: quiet-apm.patch merged: Input-increase-struct-ps2dev-cmdbuf-to-8-bytes.patch merged: Input-add-support-for-Cypress-PS2-Trackpads.patch merged: Input-cypress_ps2-fix-trackpadi-found-in-Dell-XPS12.patch merged: alps-v2.patch merged: userns-avoid-recursion-in-put_user_ns.patch merged: amd64_edac_fix_rank_count.patch merged: team-net-next-update-20130307.patch merged: uvcvideo-suspend-fix.patch merged: cfg80211-mac80211-disconnect-on-suspend.patch merged: mac80211_fixes_for_ieee80211_do_stop_while_suspend_v3.8.patch merged: mac80211-Dont-restart-sta-timer-if-not-running.patch merged: 0001-bluetooth-Add-support-for-atheros-04ca-3004-device-t.patch TODO: secure-boot TODO: ARM configs. * Wed May 1 2013 Justin M. Forbes <jforbes@redhat.com> - 3.8.11-200 - Linux v3.8.11 * Mon Apr 29 2013 Justin M. Forbes <jforbes@redhat.com> - 3.8.10-200 - Linux v3.8.10 * Fri Apr 26 2013 Josh Boyer <jwboyer@redhat.com> - 3.8.9-200 - Linux v3.8.9 * Wed Apr 24 2013 Josh Boyer <jwboyer@redhat.com> - 3.8.8-203 - CVE-2013-3228 irda: missing msg_namelen update in irda_recvmsg_dgram (rhbz 956069 956071) - CVE-2013-3230 l2tp: info leak in l2tp_ip6_recvmsg (rhbz 956088 956089) - CVE-2013-3231 llc: Fix missing msg_namelen update in llc_ui_recvmsg (rhbz 956094 956104) - CVE-2013-3232 netrom: information leak via msg_name in nr_recvmsg (rhbz 956110 956113) - CVE-2013-3233 NFC: llcp: info leaks via msg_name in llcp_sock_recvmsg (rhbz 956125 956129) - CVE-2013-3234 rose: info leak via msg_name in rose_recvmsg (rhbz 956135 956139) - CVE-2013-3076 crypto: algif suppress sending src addr info in recvmsg (rhbz 956162 956168) * Tue Apr 23 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-3223 ax25: information leak via msg_name in ax25_recvmsg (rhbz 955662 955666) - CVE-2013-3225 Bluetooth: RFCOMM missing msg_namelen update in rfcomm_sock_recvmsg (rhbz 955649 955658) - CVE-2013-1979 net: incorrect SCM_CREDENTIALS passing (rhbz 955629 955647) - CVE-2013-3224 Bluetooth: possible info leak in bt_sock_recvmsg (rhbz 955599 955607) * Mon Apr 22 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-3222 atm: update msg_namelen in vcc_recvmsg (rhbz 955216 955228) * Wed Apr 17 2013 Josh Boyer <jwboyer@redhat.com> - 3.8.8-202 - Fix missing raid REQ_WRITE_SAME flag commit (rhbz 947539) * Wed Apr 17 2013 Josh Boyer <jwboyer@redhat.com> - 3.8.8-201 - Linux v3.8.8 * Tue Apr 16 2013 Josh Boyer <jwboyer@redhat.com> - Fix uninitialized variable free in iwlwifi (rhbz 951241) - Fix race in regulatory code (rhbz 919176) * Mon Apr 15 2013 Josh Boyer <jwboyer@redhat.com> - tracing: NULL pointer dereference (rhbz 952197 952217) - Fix debug patches to build on s390x/ppc * Fri Apr 12 2013 Josh Boyer <jwboyer@redhat.com> - 3.8.7-201 - Linux v3.8.7 - Enable CONFIG_LDM_PARTITION (rhbz 948636) * Thu Apr 11 2013 Dave Jones <davej@redhat.com> - Print out some extra debug information when we hit bad page tables. * Thu Apr 11 2013 Josh Boyer <jwboyer@redhat.com> - Fix ALPS backport patch (rhbz 812111) * Tue Apr 9 2013 Josh Boyer <jwboyer@redhat.com> - 3.8.6-203 - Temporarily work around pci device assignment issues (rhbz 908888) - CVE-2013-1929 tg3: len overflow in VPD firmware parsing (rhbz 949932 949946) - Backport intel brightness quirk for emachines (rhbz 871932) * Mon Apr 8 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Enable CMA on ARM tegra - Minor tweeks to ARM OMAP * Mon Apr 8 2013 Josh Boyer <jwboyer@redhat.com> - Add patch from Benjamin Tissoires to fix race in HID magicmouse (rhbz 908604) * Fri Apr 5 2013 Justin M. Forbes <jforbes@redhat.com> - Linux v3.8.6 * Wed Apr 3 2013 Dave Jones <davej@redhat.com> - Enable MTD_CHAR/MTD_BLOCK (Needed for SFC) Enable 10gigE on 64-bit only. * Tue Apr 2 2013 Josh Boyer <jwboyer@redhat.com> - Enable CONFIG_FB_MATROX_G on powerpc - Add support for Atheros 04ca:3004 bluetooth devices (again) (rhbz 844750) - Enable CONFIG_SCSI_DMX3191D (rhbz 919874) * Mon Apr 1 2013 Josh Boyer <jwboyer@redhat.com> - Enable the rtl8192e driver (rhbz 913753) - Enable CONFIG_MCE_INJECT (rhbz 927353) * Thu Mar 28 2013 Josh Boyer <jwboyer@redhat.com> - 3.8.5-201 - Linux v3.8.5 * Tue Mar 26 2013 Justin M. Forbes <jforbes@redhat.com> - Fix child thread introspection of of /proc/self/exe (rhbz 927469) * Tue Mar 26 2013 Josh Boyer <jwboyer@redhat.com> - Add quirk for Realtek card reader to avoid 10 sec boot delay (rhbz 806587) - Add quirk for MSI keyboard backlight to avoid 10 sec boot delay (rhbz 907221) * Mon Mar 25 2013 Justin M. Forbes <jforbes@redhat.com> - enable CONFIG_DRM_VMWGFX_FBCON (rhbz 927022) - disable whci-hcd since it doesnt seem to have users (rhbz 919289) * Sat Mar 23 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Disable Marvell Dove support for the moment as it breaks other SoCs * Thu Mar 21 2013 Josh Boyer <jwboyer@redhat.com> - Fix workqueue crash in mac80211 (rhbz 920218) * Thu Mar 21 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Minor ARM config updates * Wed Mar 20 2013 Justin M. Forbes <jforbes@redhat.com> 3.8.4-201 - Linux v3.8.4 - CVE-2013-1873 information leaks via netlink interface (rhbz 923652 923662) * Wed Mar 20 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-1796 kvm: buffer overflow in handling of MSR_KVM_SYSTEM_TIME (rhbz 917012 923966) - CVE-2013-1797 kvm: after free issue with the handling of MSR_KVM_SYSTEM_TIME (rhbz 917013 923967) - CVE-2013-1798 kvm: out-of-bounds access in ioapic indirect register reads (rhbz 917017 923968) * Mon Mar 18 2013 Justin M. Forbes - Revert rc6 ilk changes from 3.8.3 stable (rhbz 922304) * Mon Mar 18 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Enable OMAP RNG and mvebu dove configs * Fri Mar 15 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-1860 usb: cdc-wdm buf overflow triggered by dev (rhbz 921970 922004) * Thu Mar 14 2013 Justin M. Forbes <jforbes@redhat.com> 3.8.3-201 - Linux v3.8.3 * Thu Mar 14 2013 Josh Boyer <jwboyer@redhat.com> - Fix divide by zero on host TSC calibration failure (rhbz 859282) * Thu Mar 14 2013 Mauro Carvalho Chehab <mchehab@redhat.com> - fix i7300_edac twice-mem-size-report via EDAC API (rhbz 921500) * Tue Mar 12 2013 Josh Boyer <jwboyer@redhat.com> - Add patch to fix ieee80211_do_stop (rhbz 892599) - Add patches to fix cfg80211 issues with suspend (rhbz 856863) - Add patch to fix Cypress trackpad on XPS 12 machines (rhbz 912166) - CVE-2013-0913 drm/i915: head writing overflow (rhbz 920471 920529) - CVE-2013-0914 sa_restorer information leak (rhbz 920499 920510) * Mon Mar 11 2013 Mauro Carvalho Chehab <mchehab@redhat.com> - fix amd64_edac twice-mem-size-report via EDAC API (rhbz 920586) * Mon Mar 11 2013 Josh Boyer <jwboyer@redhat.com> - Add patch to fix usb_submit_urb error in uvcvideo (rhbz 879462) - Add patch to allow "8250." prefix to keep working (rhbz 911771) - Add patch to fix w1_search oops (rhbz 857954) - Add patch to fix broken tty handling (rhbz 904182) * Fri Mar 8 2013 Josh Boyer <jwboyer@redhat.com> - Add turbostat and x86_engery_perf_policy debuginfo to kernel-tools-debuginfo * Fri Mar 8 2013 Justin M. Forbes <jforbes@redhat.com> - Revert "write backlight harder" until better solution is found (rhbz 917353) - Update team driver from net-next from Jiri Pirko * Fri Mar 8 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-1828 sctp: SCTP_GET_ASSOC_STATS stack buffer overflow (rhbz 919315 919316) * Fri Mar 8 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Have kernel provide kernel-highbank for upgrade to unified - Update mvebu configs - Drop unused ARM patches * Thu Mar 7 2013 Josh Boyer <jwboyer@redhat.com> - Fix DMI regression (rhbz 916444) - Fix logitech-dj HID bug from Benjamin Tissoires (rhbz 840391) - CVE-2013-1792 keys: race condition in install_user_keyrings (rhbz 916646 919021) * Wed Mar 6 2013 Justin M. Forbes <jforbes@redhat.com> - Remove Ricoh multifunction DMAR patch as it's no longer needed (rhbz 880051) - Fix destroy_conntrack GPF (rhbz 859346) * Wed Mar 6 2013 Josh Boyer <jwboyer@redhat.com> - Fix regression in secure-boot acpi_rsdp patch (rhbz 906225) - crypto: info leaks in report API (rhbz 918512 918521) * Tue Mar 5 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Fix Beagle (omap), update vexpress * Tue Mar 5 2013 Josh Boyer <jwboyer@redhat.com> - Backport 4 fixes for efivarfs (rhbz 917984) - Enable CONFIG_IP6_NF_TARGET_MASQUERADE * Mon Mar 4 2013 Josh Boyer <jwboyer@redhat.com> - Fix issues in nx crypto driver from Kent Yoder (rhbz 916544) * Mon Mar 4 2013 Justin M. Forbes <jforbes@redhat.com> - 3.8.2-201 - Linux v3.8.2 * Mon Mar 4 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Fix DTB generation on ARM * Fri Mar 1 2013 Dave Jones <davej@redhat.com> - Silence "tty is NULL" trace. * Fri Mar 1 2013 Josh Boyer <jwboyer@redhat.com> - Add patches to fix sunrpc panic (rhbz 904870) * Thu Feb 28 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Update ARM config for 3.8 * Thu Feb 28 2013 Dave Jones <davej@redhat.com> - Remove no longer needed E1000 hack. * Thu Feb 28 2013 Dave Jones <davej@redhat.com> - Drop SPARC64 support. * Thu Feb 28 2013 Dave Jones <davej@redhat.com> - Linux 3.8.1 Dropped (merged in 3.8.1) - drm-i915-lvds-reclock-fix.patch - usb-cypress-supertop.patch - perf-hists-Fix-period-symbol_conf.field_sep-display.patch - ipv6-dst-from-ptr-race.patch - sock_diag-Fix-out-of-bounds-access-to-sock_diag_handlers.patch - tmpfs-fix-use-after-free-of-mempolicy-object.patch * Thu Feb 28 2013 Dave Jones <davej@redhat.com> - Update usb-cypress-supertop.patch * Wed Feb 27 2013 Dave Jones <davej@redhat.com> - Update ALPS patch to what got merged in 3.9-rc * Wed Feb 27 2013 Dave Jones <davej@redhat.com> - 3.8.0 Dropped (merged in 3.8) - arm-l2x0-only-set-set_debug-on-pl310-r3p0-and-earlier.patch - power-x86-destdir.patch - modsign-post-KS-jwb.patch - efivarfs-3.7.patch - handle-efi-roms.patch - drm-i915-Fix-up-mismerge-of-3490ea5d-in-3.7.y.patch - USB-report-submission-of-active-URBs.patch - exec-use-eloop-for-max-recursion-depth.patch - 8139cp-revert-set-ring-address-before-enabling-receiver.patch - 8139cp-set-ring-address-after-enabling-C-mode.patch - 8139cp-re-enable-interrupts-after-tx-timeout.patch - brcmsmac-updates-rhbz892428.patch - silence-brcmsmac-warning.patch - net-fix-infinite-loop-in-__skb_recv_datagram.patch - Bluetooth-Add-support-for-Foxconn-Hon-Hai-0489-e056.patch - 0001-bluetooth-Add-support-for-atheros-04ca-3004-device-t.patch Needs checking: - arm-tegra-nvec-kconfig.patch - arm-tegra-sdhci-module-fix.patch * Tue Feb 26 2013 Justin M. Forbes <jforbes@redhat.com> - Avoid recursion in put_user_ns, potential overflow * Tue Feb 26 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-1767 tmpfs: fix use-after-free of mempolicy obj (rhbz 915592,915716) - Fix vmalloc_fault oops during lazy MMU (rhbz 914737) * Mon Feb 25 2013 Josh Boyer <jwboyer@redhat.com> - Honor dmesg_restrict for /dev/kmsg (rhbz 903192) * Sun Feb 24 2013 Josh Boyer <jwboyer@redhat.com> - 3.7.9-205 - CVE-2013-1763 sock_diag: out-of-bounds access to sock_diag_handlers (rhbz 915052,915057) * Fri Feb 22 2013 Josh Boyer <jwboyer@redhat.com> - Add support for bluetooth in Acer Aspire S7 (rhbz 879408) * Thu Feb 21 2013 Neil Horman <nhorman@redhat.com> - Fix crash from race in ipv6 dst entries (rhbz 892060) * Wed Feb 20 2013 Josh Boyer <jwboyer@redhat.com> - Fix perf report field separator issue (rhbz 906055) - Fix oops from acpi_rsdp setup in secure-boot patchset (rhbz 906225) * Tue Feb 19 2013 Josh Boyer <jwboyer@redhat.com> - Add support for Atheros 04ca:3004 bluetooth devices (rhbz 844750) - Backport support for newer ALPS touchpads (rhbz 812111) * Tue Feb 19 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Fix OMAP thermal driver by building it in (seems it doesn't auto load when a module) * Mon Feb 18 2013 Justin M. Forbes <jforbes@redhat.com> - 3.7.9-201 - Linux v3.7.9 * Mon Feb 18 2013 Adam Jackson <ajax@redhat.com - i915: Fix a mismerge in 3.7.y that leads to divide-by-zero in i915_update_wm * Fri Feb 15 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-0290 net: infinite loop in __skb_recv_datagram (rhbz 911479 911473) * Thu Feb 14 2013 Justin M. Forbes <jforbes@redhat.com> - 3.7.8-201 - Linux v3.7.8 * Thu Feb 14 2013 Adam Jackson <ajax@redhat.com> - i915: Hush asserts during TV detection, just useless noise - i915: Fix LVDS downclock to not cripple performance (#901951) * Thu Feb 14 2013 Josh Boyer <jwboyer@redhat.com> - Add patch to fix corruption on newer M6116 SATA bridges (rhbz 909591) - CVE-2013-0228 xen: xen_iret() invalid %ds local DoS (rhbz 910848 906309) * Tue Feb 12 2013 Dave Jones <davej@redhat.com> - Add networking queue for next stable release. * Tue Feb 12 2013 Dave Jones <davej@redhat.com> - mm: Check if PUD is large when validating a kernel address * Tue Feb 12 2013 Dave Jones <davej@redhat.com> - Silence brcmsmac warnings. (Fixed in 3.8, but not backporting to 3.7) * Tue Feb 12 2013 Justin M. Forbes <jforbes@redhat.com> - Linux v3.7.7 * Mon Feb 11 2013 Josh Boyer <jwboyer@redhat.com> - Add patch from Kees Cook to restrict MSR writting in secure boot mode - Add patch to honor MokSBState (rhbz 907406) * Thu Feb 7 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Minor ARM build fixes * Wed Feb 6 2013 Josh Boyer <jwboyer@redhat.com> - Add patch to fix ath9k dma stop checks (rhbz 892811) * Mon Feb 4 2013 Josh Boyer <jwboyer@redhat.com> - Linux v3.7.6 - Update secure-boot patchset - Fix rtlwifi scheduling while atomic from Larry Finger (rhbz 903881) * Tue Jan 29 2013 Josh Boyer <jwboyer@redhat.com> - Backport driver for Cypress PS/2 trackpad (rhbz 799564) * Mon Jan 28 2013 Josh Boyer <jwboyer@redhat.com> - 3.7.5-201 - Linux v3.7.5 - Add patch to fix iwlwifi issues (rhbz 863424) * Sun Jan 27 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Build and package dtbs on ARM - Enable FB options for qemu vexpress on unified * Fri Jan 25 2013 Justin M. Forbes <jforbes@redhat.com> - Turn off THP for 32bit * Wed Jan 23 2013 Justin M. Forbes <jforbes@redhat.com> - 3.7.4-204 - brcmsmac fixes from upstream (rhbz 892428) * Wed Jan 23 2013 Dave Jones <davej@redhat.com> - Remove warnings about empty IPI masks. * Tue Jan 22 2013 Justin M. Forbes <jforbes@redhat.com> - 3.7.4-203 - Add i915 bugfix from airlied * Tue Jan 22 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Apply ARM errata fix - disable HVC_DCC and VIRTIO_CONSOLE on ARM * Tue Jan 22 2013 Josh Boyer <jwboyer@redhat.com> - Fix libata settings bug (rhbz 902523) * Mon Jan 21 2013 Josh Boyer <jwboyer@redhat.com> - 3.7.4-201 - Linux v3.7.4 * Fri Jan 18 2013 Justin M. Forbes <jforbes@redhat.com> 3.7.3-201 - Linux v3.7.3 * Thu Jan 17 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Merge 3.7 ARM kernel including unified kernel - Drop separate IMX and highbank kernels - Disable ARM PL310 errata that crash highbank * Wed Jan 16 2013 Josh Boyer <jwboyer@redhat.com> - Fix power management sysfs on non-secure boot machines (rhbz 896243) * Wed Jan 16 2013 Justin M. Forbes <jforbes@redhat.com> 3.7.2-204 - Fix for CVE-2013-0190 xen corruption with 32bit pvops (rhbz 896051 896038) * Wed Jan 16 2013 Josh Boyer <jwboyer@redhat.com> - Add patch from Stanislaw Gruszka to fix iwlegacy IBSS cleanup (rhbz 886946) * Tue Jan 15 2013 Justin M. Forbes <jforbes@redhat.com> 3.7.2-203 - Turn off Intel IOMMU by default - Stable queue from 3.7.3 with many relevant fixes * Tue Jan 15 2013 Josh Boyer <jwboyer@redhat.com> - Enable CONFIG_DVB_USB_V2 (rhbz 895460) * Mon Jan 14 2013 Josh Boyer <jwboyer@redhat.com> - Enable Orinoco drivers in kernel-modules-extra (rhbz 894069) * Fri Jan 11 2013 Justin M. Forbes <jforbes@redhat.com> 3.7.1-1 - Linux v3.7.2 - Enable Intel IOMMU by default * Thu Jan 10 2013 Dave Jones <davej@redhat.com> - Add audit-libs-devel to perf build-deps to enable trace command. (rhbz 892893) * Tue Jan 8 2013 Josh Boyer <jwboyer@redhat.com> - Add patch to fix shutdown on some machines (rhbz 890547) * Mon Jan 7 2013 Josh Boyer <jwboyer@redhat.com> - Patch to fix efivarfs underflow from Lingzhu Xiang (rhbz 888163) * Sun Jan 6 2013 Josh Boyer <jwboyer@redhat.com> - Fix version.h include due to UAPI change in 3.7 (rhbz 892373) * Fri Jan 4 2013 Josh Boyer <jwboyer@redhat.com> - Fix oops on aoe module removal (rhbz 853064) * Thu Jan 3 2013 Josh Boyer <jwboyer@redhat.com> - 3.7.1-2 - Fixup secure boot patchset for 3.7 rebase - Package bash completion script for perf * Thu Jan 3 2013 Dave Jones <davej@redhat.com> - Rebase to 3.7.1 * Wed Jan 2 2013 Josh Boyer <jwboyer@redhat.com> - Fix autofs issue in 3.6 (rhbz 874372) - BR the hostname package (rhbz 886113) * Mon Dec 17 2012 Josh Boyer <jwboyer@redhat.com> - 3.6.11-3 - Linux v3.6.11 * Mon Dec 17 2012 Dennis Gilmore <dennis@ausil.us> - disable gpiolib on vexpress * Mon Dec 17 2012 Josh Boyer <jwboyer@redhat.com> - Fix oops in sony-laptop setup (rhbz 873107) * Wed Dec 12 2012 Josh Boyer <jwboyer@redhat.com> - 3.6.10-5 - Fix infinite loop in efi signature parser - Don't error out if db doesn't exist -------------------------------------------------------------------------------- References: [ 1 ] Bug #1035875 - CVE-2013-6405 Kernel: net: leakage of uninitialized memory to user-space via recv syscalls https://bugzilla.redhat.com/show_bug.cgi?id=1035875 [ 2 ] Bug #1033603 - CVE-2013-6382 Kernel: fs: xfs: missing check for ZERO_SIZE_PTR https://bugzilla.redhat.com/show_bug.cgi?id=1033603 [ 3 ] Bug #1033593 - CVE-2013-6380 Kernel: aacraid: invalid pointer dereference https://bugzilla.redhat.com/show_bug.cgi?id=1033593 [ 4 ] Bug #1033578 - CVE-2013-6378 Kernel: drivers: libertas: potential oops in debugfs https://bugzilla.redhat.com/show_bug.cgi?id=1033578 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update kernel' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds