User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2014-7128 (kernel)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 20 Update: kernel-3.14.6-200.fc20
Date:  Wed, 11 Jun 2014 16:31:10 +0000
Message-ID:  <20140611163110.28A7021A1E@bastion01.phx2.fedoraproject.org>

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-7128 2014-06-10 01:51:43 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 20 Version : 3.14.6 Release : 200.fc20 URL : http://www.kernel.org/ Summary : The Linux kernel Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. -------------------------------------------------------------------------------- Update Information: The 3.14.6 stable update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 7 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.14.6-200 - Linux v3.14.6 * Fri Jun 6 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-3153 futex: pi futexes requeue issue (rhbz 1103626 1105609) - CVE-2014-3940 missing check during hugepage migration (rhbz 1104097 1105042) * Tue Jun 3 2014 Josh Boyer <jwboyer@fedoraproject.org> - Add fix for team MTU settings from Jiri Pirko (rhbz 1099857) - Backport fix for issues with Quagga introduced by CVE fixes (rhbz 1097684) * Mon Jun 2 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.14.5-200 - Linux v3.14.5 * Thu May 29 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-3917 DoS with syscall auditing (rhbz 1102571 1102715) * Fri May 23 2014 Peter Robinson <pbrobinson@fedoraproject.org> - Re-add rebased Beagle patch set for 3.14 (RHBZ 1094768) - Drop some no longer needed ARM patches * Tue May 20 2014 Josh Boyer <jwboyer@fedoraproject.org> - Backport patch to add new elantech touchpad support (rhbz 1051668) * Wed May 14 2014 Hans de Goede <hdegoede@redhat.com> - Add synaptics min/max quirk patch for the ThinkPad W540 (rhbz 1096436) * Tue May 13 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.14.4-200 - Linux v3.14.4 * Mon May 12 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-3144/CVE-2014-3145 filter: prevent nla from peeking beyond eom (rhbz 1096775, 1096784) * Fri May 9 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-1738 CVE-2014-1737 floppy: priv esclation (rhbz 1094299 1096195) * Thu May 8 2014 Neil Horman <nhorman@redhat.com> - Fix dma unmap error in jme driver (rhbz 1082266) * Tue May 6 2014 Josh Boyer <jwboyer@fedoraproject.org> 3.14.3-200 - CVE-2014-0181 insufficient netlink permission checks (rhbz 1094270 1094265) * Tue May 6 2014 Justin M. Forbes <jforbes@fedoraproject.org> - Linux v3.14.3 * Tue May 6 2014 Hans de Goede <hdegoede@redhat.com> - Add a patch to fix the Synaptics Touch Pad V 103S found on some keyboard docks for win8 tablets - Add a patch to fix the elantech touchpad on Gigabyte U2442 laptops - Add a patch to fix backlight control on the Samsung NC210/NC110 (rhbz#861573) - Add a patch to fix backlight & wifi on the Asus EEE PC 1015PX (rhbz#1067181) * Tue May 6 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-0196 pty race leading to memory corruption (rhbz 1094232 1094240) - Add patch to fix smdb soft-lockup (rhbz 1082586) * Mon May 5 2014 Hans de Goede <hdegoede@redhat.com> - Add use_native_brightness quirk for the ThinkPad T530 (rhbz 1089545) * Sat May 3 2014 Josh Boyer <jwboyer@fedoraproject.org> - Fix TUN performance regression (rhbz 1093931) - Add patch to fix HID rmi driver from Benjamin Tissoires (rhbz 1090161) * Thu May 1 2014 Josh Boyer <jwboyer@fedoraproject.org> - Add backported drm qxl fix (rhbz 1060327) * Thu May 1 2014 Hans de Goede <hdegoede@redhat.com> - Sync min/max quirk patch with upstream to add a quirk for the ThinkPad L540 (rhbz 1088588) * Thu May 1 2014 Hans de Goede <hdegoede@redhat.com> - Add use_native_backlight quirk for 4 laptops (rhbz 983342 1093120) * Wed Apr 30 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-3122: mm: fix locking DoS issue (rhbz 1093084 1093076) * Mon Apr 28 2014 Justin M. Forbes <jforbes@fedoraproject.org> 3.14.2-200 - Linux v3.14.2 (rhbz 1067071 1091722 906568) * Fri Apr 25 2014 Josh Boyer <jwboyer@fedoraproject.org> - Add patch from Will Woods to fix fanotify EOVERFLOW issue (rhbz 696821) - Fix ACPI issue preventing boot on AMI firmware (rhbz 1090746) * Fri Apr 25 2014 Hans de Goede <hdegoede@redhat.com> - Add synaptics min-max quirk for ThinkPad Edge E431 (rhbz#1089689) * Wed Apr 23 2014 Josh Boyer <jwboyer@fedoraproject.org> - Fix SELinux wine issue again (rhbz 1013466) * Tue Apr 22 2014 Josh Boyer <jwboyer@fedoraproject.org> - Add patch to fix Synaptics touchscreens and HID rmi driver (rhbz 1089583) * Mon Apr 21 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.14.1-200 - Fix Brainboxes Express Cards (rhbz 1071914) - Fix build issues with CONFIG_DEBUG_VM set (rhbz 1074710) - Fix perf build failures * Mon Apr 21 2014 Justin M. Forbes <jforbes@fedoraproject.org> - Linux v3.14.1 * Thu Apr 17 2014 Hans de Goede <hdegoede@redhat.com> - Update min/max quirk patch to add a quirk for the ThinkPad L540 (rhbz1088588) * Mon Apr 14 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.13.10-200 - Linux v3.13.10 * Mon Apr 14 2014 Hans de Goede <hdegoede@redhat.com> - Add min/max quirks for various new Thinkpad touchpads (rhbz 1085582 1085697) * Mon Apr 14 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-2851 net ipv4 ping refcount issue in ping_init_sock (rhbz 1086730 1087420) * Thu Apr 10 2014 Josh Boyer <jwboyer@fedoraproject.org> - Backported HID RMI driver for Haswell Dell XPS machines from Benjamin Tissoires (rhbz 1048314) * Wed Apr 9 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-0155 KVM: BUG caused by invalid guest ioapic redirect table (rhbz 1081589 1085016) - Add patch to fix SELinux lables on /proc files (rhbz 1084829) - Add patch to fix S3 in KVM guests (rhbz 1074235) * Thu Apr 3 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.13.9-200 - Linux v3.13.9 * Tue Apr 1 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-2678 net: rds: deref of NULL dev in rds_iw_laddr_check (rhbz 1083274 1083280) * Mon Mar 31 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.13.8-200 - Linux v3.13.8 * Mon Mar 31 2014 Hans de Goede <hdegoede@redhat.com> - Fix clicks getting lost with cypress_ps2 touchpads with recent xorg-x11-drv-synaptics versions (bfdo#76341) * Fri Mar 28 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-2580 xen: netback crash trying to disable due to malformed packet (rhbz 1080084 1080086) - CVE-2014-0077 vhost-net: insufficent big packet handling in handle_rx (rhbz 1064440 1081504) - CVE-2014-0055 vhost-net: insufficent error handling in get_rx_bufs (rhbz 1062577 1081503) - CVE-2014-2568 net: potential info leak when ubuf backed skbs are zero copied (rhbz 1079012 1079013) * Mon Mar 24 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.13.7-200 - Linux v3.13.7 * Thu Mar 20 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-0131: skbuff: use-after-free during segmentation with zerocopy (rhbz 1074589 1079006) - Fix readahead semantics on pipes and sockets (rhbz 1078894) * Mon Mar 17 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-2523 netfilter: nf_conntrack_dccp: incorrect skb_header_pointer API usages (rhbz 1077343 1077350) * Wed Mar 12 2014 Josh Boyer <jwboyer@fedoraproject.org> - Fix locking issue in iwldvm (rhbz 1046495) * Tue Mar 11 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-2309 ipv6: crash due to router advertisment flooding (rhbz 1074471 1075064) * Fri Mar 7 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.13.6-200 - Linux v3.13.6 * Fri Mar 7 2014 Josh Boyer <jwboyer@fedoraproject.org> - Add patch to fix iwldvm WARN (rhbz 1065663) - Revert two xhci fixes that break USB mass storage (rhbz 1073180) * Thu Mar 6 2014 Josh Boyer <jwboyer@fedoraproject.org> - Fix stale EC events on Samsung systems (rhbz 1003602) - Fix depmod error message from hci_vhci module (rhbz 1051748) - Fix bogus WARN in iwlwifi (rhbz 1071998) * Tue Mar 4 2014 Josh Boyer <jwboyer@fedoraproject.org> - Fix MAC-before-DAC check for mmap_zero (rhbz 1013466) - Fix hidp crash with apple bluetooth trackpads (rhbz 1027465) * Mon Mar 3 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.13.5-202 - CVE-2014-0100 net: inet frag race condition use-after-free (rhbz 1072026 1070618) - CVE-2014-0101 sctp: null ptr deref when processing auth cookie_echo chunk (rhbz 1070209 1070705) - Fix overly verbose audit logs (rhbz 1066064) * Mon Mar 3 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.13.5-201 - CVE-2014-0049 kvm: mmio_fragments out-of-bounds access (rhbz 1062368 1071837) - Fix atomic sched BUG in tty low_latency (rhbz 1065087) * Fri Feb 28 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-0102 keyctl_link can be used to cause an oops (rhbz 1071396) * Fri Feb 28 2014 Josh Boyer <jwboyer@fedoraproject.org> - Drop alx phy reset patch that is already in 3.13 * Tue Feb 25 2014 Josh Boyer <jwboyer@fedoraproject.org> - Fix mounting issues on cifs (rhbz 1068862) * Mon Feb 24 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.13.5-200 - CVE-2014-2039 s390: crash due to linkage stack instructions (rhbz 1067558 1068758) - Fix lockdep issue in EHCI when using threaded IRQs (rhbz 1056170) * Mon Feb 24 2014 Justin M. Forbes <jforbes@fedoraproject.org> - Linux v3.13.5 * Fri Feb 21 2014 Josh Boyer <jwboyer@fedoraproject.org> - Fix WARN from e100 from Michele Baldessari (rhbz 994438) * Thu Feb 20 2014 Peter Robinson <pbrobinson@fedoraproject.org> - 3.13.4-200 - Rebase i.MX6 Utilite to upstream version * Thu Feb 20 2014 Justin M. Forbes <jforbes@fedoraproject.org> - Linux v3.13.4 * Tue Feb 18 2014 Josh Boyer <jwboyer@fedoraproject.org> - Fix r8169 ethernet after suspend (rhbz 1054408) - Enable INTEL_MIC drivers (rhbz 1064086) * Fri Feb 14 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.13.3-201 - CVE-2014-0069 cifs: incorrect handling of bogus user pointers (rhbz 1064253 1062584) * Thu Feb 13 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.13.3-200 - Linux v3.13.3 * Wed Feb 12 2014 Josh Boyer <jwboyer@fedoraproject.org> - Add patch to fix list corruption from pinctrl (rhbz 1051918) - Add IFA_FLAGS for IPv6 temporary addresses back (rhbz 1064430) - Fix cgroup destroy oops (rhbz 1045755) - Fix backtrace in amd_e400_idle (rhbz 1031296) - CVE-2014-1874 SELinux: local denial of service (rhbz 1062356 1062507) * Wed Feb 12 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.13.2-200 - Packaging fixes for tmon and trace * Tue Feb 11 2014 Peter Robinson <pbrobinson@fedoraproject.org> - Update am33xx (BeagleBone) patch for 3.13 - Minor ARM updates * Mon Feb 10 2014 Justin M. Forbes <jforbes@fedoraproject.org> - Linux v3.13.2 - Fixes (rhbz 1062144) * Thu Feb 6 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.12.10-300 - Linux v3.12.10 * Wed Feb 5 2014 Justin M. Forbes <jforbes@fedoraproject.org> - fix resume issues on Renesas chips in Samsung laptops (rhbz 950630) * Wed Jan 29 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.12.9-301 - ipv6 addrconf: revert /proc/net/if_inet6 ifa_flag format (rhbz 1056711) * Tue Jan 28 2014 Josh Boyer <jwboyer@fedoraproject.org> - Add patch from Stanislaw Gruszka to fix ath9k BUG (rhbz 990955) * Mon Jan 27 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.12.9-300 - Backport new IPv6 address flag IFA_F_NOPREFIXROUTE and IFA_F_MANAGETEMPADDR (rhbz 1056711) - Linux v3.12.9 - i915: remove pm_qos request on error (rhbz 1057533) * Sun Jan 26 2014 Peter Robinson <pbrobinson@fedoraproject.org> - Minor ARM config updates - Disable highbank cpuidle driver - Update CPU thermal scaling options for ARM * Wed Jan 15 2014 Justin M. Forbes <jforbes@fedoraproject.org - 3.12.8-300 - Linux v3.12.8 * Wed Jan 15 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-1446 hamradio/yam: information leak in ioctl (rhbz 1053620 1053647) - CVE-2014-1438 x86: exceptions are not cleared in AMD FXSAVE workaround (rhbz 1053599 1052914) * Tue Jan 14 2014 Josh Boyer <jwboyer@fedoraproject.org> - Fix k-m-e Provides to be explicit to only the package flavor (rhbz 1046246) * Tue Jan 14 2014 Neil Horman <nhorman@redhat.com> - Backport ipv6 route cache expiration fix (rhbz 1040128) * Sun Jan 12 2014 Peter Robinson <pbrobinson@fedoraproject.org> - Enable generic cpufreq-cpu0 driver on ARM - Enable thermal userspace support for ARM * Fri Jan 10 2014 Justin M. Forbes <jforbes@fedoraproject.org - 3.12.7-300 - Linux v3.12.7 * Wed Jan 8 2014 Josh Boyer <jwboyer@fedoraproject.org> - Backport support for ALPS Dolphin devices (rhbz 953211) - Enable BCMA_DRIVER_GPIO by turning on GPIOLIB everywhere (rhbz 1021098) * Mon Jan 6 2014 Josh Boyer <jwboyer@fedoraproject.org> - Add support for BCM57786 devices to tg3 (rhbz 1044471) - Fix use after free crash in KVM (rhbz 1047892) - Fix oops in KVM with invalid root_hpa (rhbz 924916) - CVE-2013-4579: ath9k_htc improper MAC update (rhbz 1032753 1033072) * Sat Dec 28 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Update am33xx (BeagleBone) cpsw patch to upstream version * Mon Dec 23 2013 Justin M. Forbes <jforbes@fedoraproject.org - 3.12.6-300 - Linux v3.12.6 * Fri Dec 20 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add patches to fix dummy gssd entry (rhbz 1037793) * Wed Dec 18 2013 Josh Boyer <jwboyer@fedoraproject.org> - Fix nowatchdog-on-virt.patch to actually work in KVM guests * Tue Dec 17 2013 Josh Boyer <jwboyer@fedoraproject.org> - 3.12.5-302 - Add patch to avoid using queued trim on M500 SSD (rhbz 1024002) * Mon Dec 16 2013 Josh Boyer <jwboyer@fedoraproject.org> - Fix host lockup in bridge code when starting from virt guest (rhbz 1025770) * Fri Dec 13 2013 Josh Boyer <jwboyer@fedoraproject.org> 3.12.5-301 - More keys fixes from upstream to fix keyctl_get_persisent crash (rhbz 1043033) * Fri Dec 13 2013 Justin M. Forbes <jforbes@fedoraproject.org - 3.12.5-300 - Linux v3.12.5 rebase * Thu Dec 12 2013 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2013-4587 kvm: out-of-bounds access (rhbz 1030986 1042071) - CVE-2013-6376 kvm: BUG_ON in apic_cluster_id (rhbz 1033106 1042099) - CVE-2013-6368 kvm: cross page vapic_addr access (rhbz 1032210 1042090) - CVE-2013-6367 kvm: division by 0 in apic_get_tmcct (rhbz 1032207 1042081) * Wed Dec 11 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add patches to support ETPS/2 Elantech touchpads (rhbz 1030802) * Tue Dec 10 2013 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2013-XXXX net: memory leak in recvmsg (rhbz 1039845 1039874) * Fri Dec 6 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Fix up ARM usb gadget config to make it useful -------------------------------------------------------------------------------- References: [ 1 ] Bug #1103626 - CVE-2014-3153 kernel: futex: pi futexes requeue issue https://bugzilla.redhat.com/show_bug.cgi?id=1103626 [ 2 ] Bug #1104097 - CVE-2014-3940 Kernel: missing check during hugepage migration https://bugzilla.redhat.com/show_bug.cgi?id=1104097 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update kernel' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds