User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2013-6041 (kernel)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 18 Update: kernel-3.8.8-202.fc18
Date:  Fri, 19 Apr 2013 04:59:13 +0000
Message-ID:  <20130419045914.455A22792E@bastion01.phx2.fedoraproject.org>
Archive-link:  Article, Thread

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-6041 2013-04-19 04:16:02 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 18 Version : 3.8.8 Release : 202.fc18 URL : http://www.kernel.org/ Summary : The Linux kernel Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. -------------------------------------------------------------------------------- Update Information: Update to latest stable upstream release, Linux 3.8.8. This hopefully fixes a PAE pagetable corruption issue we've seen with users running Chrome/Chromium. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 17 2013 Josh Boyer <jwboyer@redhat.com> - 3.8.8-202 - Fix missing raid REQ_WRITE_SAME flag commit (rhbz 947539) * Wed Apr 17 2013 Josh Boyer <jwboyer@redhat.com> - 3.8.8-201 - Linux v3.8.8 * Tue Apr 16 2013 Josh Boyer <jwboyer@redhat.com> - Fix uninitialized variable free in iwlwifi (rhbz 951241) - Fix race in regulatory code (rhbz 919176) * Mon Apr 15 2013 Josh Boyer <jwboyer@redhat.com> - tracing: NULL pointer dereference (rhbz 952197 952217) - Fix debug patches to build on s390x/ppc * Fri Apr 12 2013 Josh Boyer <jwboyer@redhat.com> - 3.8.7-201 - Linux v3.8.7 - Enable CONFIG_LDM_PARTITION (rhbz 948636) * Thu Apr 11 2013 Dave Jones <davej@redhat.com> - Print out some extra debug information when we hit bad page tables. * Thu Apr 11 2013 Josh Boyer <jwboyer@redhat.com> - Fix ALPS backport patch (rhbz 812111) * Tue Apr 9 2013 Josh Boyer <jwboyer@redhat.com> - 3.8.6-203 - Temporarily work around pci device assignment issues (rhbz 908888) - CVE-2013-1929 tg3: len overflow in VPD firmware parsing (rhbz 949932 949946) - Backport intel brightness quirk for emachines (rhbz 871932) * Mon Apr 8 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Enable CMA on ARM tegra - Minor tweeks to ARM OMAP * Mon Apr 8 2013 Josh Boyer <jwboyer@redhat.com> - Add patch from Benjamin Tissoires to fix race in HID magicmouse (rhbz 908604) * Fri Apr 5 2013 Justin M. Forbes <jforbes@redhat.com> - Linux v3.8.6 * Wed Apr 3 2013 Dave Jones <davej@redhat.com> - Enable MTD_CHAR/MTD_BLOCK (Needed for SFC) Enable 10gigE on 64-bit only. * Tue Apr 2 2013 Josh Boyer <jwboyer@redhat.com> - Enable CONFIG_FB_MATROX_G on powerpc - Add support for Atheros 04ca:3004 bluetooth devices (again) (rhbz 844750) - Enable CONFIG_SCSI_DMX3191D (rhbz 919874) * Mon Apr 1 2013 Josh Boyer <jwboyer@redhat.com> - Enable the rtl8192e driver (rhbz 913753) - Enable CONFIG_MCE_INJECT (rhbz 927353) * Thu Mar 28 2013 Josh Boyer <jwboyer@redhat.com> - 3.8.5-201 - Linux v3.8.5 * Tue Mar 26 2013 Justin M. Forbes <jforbes@redhat.com> - Fix child thread introspection of of /proc/self/exe (rhbz 927469) * Tue Mar 26 2013 Josh Boyer <jwboyer@redhat.com> - Add quirk for Realtek card reader to avoid 10 sec boot delay (rhbz 806587) - Add quirk for MSI keyboard backlight to avoid 10 sec boot delay (rhbz 907221) * Mon Mar 25 2013 Justin M. Forbes <jforbes@redhat.com> - enable CONFIG_DRM_VMWGFX_FBCON (rhbz 927022) - disable whci-hcd since it doesnt seem to have users (rhbz 919289) * Sat Mar 23 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Disable Marvell Dove support for the moment as it breaks other SoCs * Thu Mar 21 2013 Josh Boyer <jwboyer@redhat.com> - Fix workqueue crash in mac80211 (rhbz 920218) * Thu Mar 21 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Minor ARM config updates * Wed Mar 20 2013 Justin M. Forbes <jforbes@redhat.com> 3.8.4-201 - Linux v3.8.4 - CVE-2013-1873 information leaks via netlink interface (rhbz 923652 923662) * Wed Mar 20 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-1796 kvm: buffer overflow in handling of MSR_KVM_SYSTEM_TIME (rhbz 917012 923966) - CVE-2013-1797 kvm: after free issue with the handling of MSR_KVM_SYSTEM_TIME (rhbz 917013 923967) - CVE-2013-1798 kvm: out-of-bounds access in ioapic indirect register reads (rhbz 917017 923968) * Mon Mar 18 2013 Justin M. Forbes - Revert rc6 ilk changes from 3.8.3 stable (rhbz 922304) * Mon Mar 18 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Enable OMAP RNG and mvebu dove configs * Fri Mar 15 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-1860 usb: cdc-wdm buf overflow triggered by dev (rhbz 921970 922004) * Thu Mar 14 2013 Justin M. Forbes <jforbes@redhat.com> 3.8.3-201 - Linux v3.8.3 * Thu Mar 14 2013 Josh Boyer <jwboyer@redhat.com> - Fix divide by zero on host TSC calibration failure (rhbz 859282) * Thu Mar 14 2013 Mauro Carvalho Chehab <mchehab@redhat.com> - fix i7300_edac twice-mem-size-report via EDAC API (rhbz 921500) * Tue Mar 12 2013 Josh Boyer <jwboyer@redhat.com> - Add patch to fix ieee80211_do_stop (rhbz 892599) - Add patches to fix cfg80211 issues with suspend (rhbz 856863) - Add patch to fix Cypress trackpad on XPS 12 machines (rhbz 912166) - CVE-2013-0913 drm/i915: head writing overflow (rhbz 920471 920529) - CVE-2013-0914 sa_restorer information leak (rhbz 920499 920510) * Mon Mar 11 2013 Mauro Carvalho Chehab <mchehab@redhat.com> - fix amd64_edac twice-mem-size-report via EDAC API (rhbz 920586) * Mon Mar 11 2013 Josh Boyer <jwboyer@redhat.com> - Add patch to fix usb_submit_urb error in uvcvideo (rhbz 879462) - Add patch to allow "8250." prefix to keep working (rhbz 911771) - Add patch to fix w1_search oops (rhbz 857954) - Add patch to fix broken tty handling (rhbz 904182) * Fri Mar 8 2013 Josh Boyer <jwboyer@redhat.com> - Add turbostat and x86_engery_perf_policy debuginfo to kernel-tools-debuginfo * Fri Mar 8 2013 Justin M. Forbes <jforbes@redhat.com> - Revert "write backlight harder" until better solution is found (rhbz 917353) - Update team driver from net-next from Jiri Pirko * Fri Mar 8 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-1828 sctp: SCTP_GET_ASSOC_STATS stack buffer overflow (rhbz 919315 919316) * Fri Mar 8 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Have kernel provide kernel-highbank for upgrade to unified - Update mvebu configs - Drop unused ARM patches * Thu Mar 7 2013 Josh Boyer <jwboyer@redhat.com> - Fix DMI regression (rhbz 916444) - Fix logitech-dj HID bug from Benjamin Tissoires (rhbz 840391) - CVE-2013-1792 keys: race condition in install_user_keyrings (rhbz 916646 919021) * Wed Mar 6 2013 Justin M. Forbes <jforbes@redhat.com> - Remove Ricoh multifunction DMAR patch as it's no longer needed (rhbz 880051) - Fix destroy_conntrack GPF (rhbz 859346) * Wed Mar 6 2013 Josh Boyer <jwboyer@redhat.com> - Fix regression in secure-boot acpi_rsdp patch (rhbz 906225) - crypto: info leaks in report API (rhbz 918512 918521) * Tue Mar 5 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Fix Beagle (omap), update vexpress * Tue Mar 5 2013 Josh Boyer <jwboyer@redhat.com> - Backport 4 fixes for efivarfs (rhbz 917984) - Enable CONFIG_IP6_NF_TARGET_MASQUERADE * Mon Mar 4 2013 Josh Boyer <jwboyer@redhat.com> - Fix issues in nx crypto driver from Kent Yoder (rhbz 916544) * Mon Mar 4 2013 Justin M. Forbes <jforbes@redhat.com> - 3.8.2-201 - Linux v3.8.2 * Mon Mar 4 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Fix DTB generation on ARM * Fri Mar 1 2013 Dave Jones <davej@redhat.com> - Silence "tty is NULL" trace. * Fri Mar 1 2013 Josh Boyer <jwboyer@redhat.com> - Add patches to fix sunrpc panic (rhbz 904870) * Thu Feb 28 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Update ARM config for 3.8 * Thu Feb 28 2013 Dave Jones <davej@redhat.com> - Remove no longer needed E1000 hack. * Thu Feb 28 2013 Dave Jones <davej@redhat.com> - Drop SPARC64 support. * Thu Feb 28 2013 Dave Jones <davej@redhat.com> - Linux 3.8.1 Dropped (merged in 3.8.1) - drm-i915-lvds-reclock-fix.patch - usb-cypress-supertop.patch - perf-hists-Fix-period-symbol_conf.field_sep-display.patch - ipv6-dst-from-ptr-race.patch - sock_diag-Fix-out-of-bounds-access-to-sock_diag_handlers.patch - tmpfs-fix-use-after-free-of-mempolicy-object.patch * Thu Feb 28 2013 Dave Jones <davej@redhat.com> - Update usb-cypress-supertop.patch * Wed Feb 27 2013 Dave Jones <davej@redhat.com> - Update ALPS patch to what got merged in 3.9-rc * Wed Feb 27 2013 Dave Jones <davej@redhat.com> - 3.8.0 Dropped (merged in 3.8) - arm-l2x0-only-set-set_debug-on-pl310-r3p0-and-earlier.patch - power-x86-destdir.patch - modsign-post-KS-jwb.patch - efivarfs-3.7.patch - handle-efi-roms.patch - drm-i915-Fix-up-mismerge-of-3490ea5d-in-3.7.y.patch - USB-report-submission-of-active-URBs.patch - exec-use-eloop-for-max-recursion-depth.patch - 8139cp-revert-set-ring-address-before-enabling-receiver.patch - 8139cp-set-ring-address-after-enabling-C-mode.patch - 8139cp-re-enable-interrupts-after-tx-timeout.patch - brcmsmac-updates-rhbz892428.patch - silence-brcmsmac-warning.patch - net-fix-infinite-loop-in-__skb_recv_datagram.patch - Bluetooth-Add-support-for-Foxconn-Hon-Hai-0489-e056.patch - 0001-bluetooth-Add-support-for-atheros-04ca-3004-device-t.patch Needs checking: - arm-tegra-nvec-kconfig.patch - arm-tegra-sdhci-module-fix.patch * Tue Feb 26 2013 Justin M. Forbes <jforbes@redhat.com> - Avoid recursion in put_user_ns, potential overflow * Tue Feb 26 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-1767 tmpfs: fix use-after-free of mempolicy obj (rhbz 915592,915716) - Fix vmalloc_fault oops during lazy MMU (rhbz 914737) * Mon Feb 25 2013 Josh Boyer <jwboyer@redhat.com> - Honor dmesg_restrict for /dev/kmsg (rhbz 903192) * Sun Feb 24 2013 Josh Boyer <jwboyer@redhat.com> - 3.7.9-205 - CVE-2013-1763 sock_diag: out-of-bounds access to sock_diag_handlers (rhbz 915052,915057) * Fri Feb 22 2013 Josh Boyer <jwboyer@redhat.com> - Add support for bluetooth in Acer Aspire S7 (rhbz 879408) * Thu Feb 21 2013 Neil Horman <nhorman@redhat.com> - Fix crash from race in ipv6 dst entries (rhbz 892060) * Wed Feb 20 2013 Josh Boyer <jwboyer@redhat.com> - Fix perf report field separator issue (rhbz 906055) - Fix oops from acpi_rsdp setup in secure-boot patchset (rhbz 906225) * Tue Feb 19 2013 Josh Boyer <jwboyer@redhat.com> - Add support for Atheros 04ca:3004 bluetooth devices (rhbz 844750) - Backport support for newer ALPS touchpads (rhbz 812111) * Tue Feb 19 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Fix OMAP thermal driver by building it in (seems it doesn't auto load when a module) * Mon Feb 18 2013 Justin M. Forbes <jforbes@redhat.com> - 3.7.9-201 - Linux v3.7.9 * Mon Feb 18 2013 Adam Jackson <ajax@redhat.com - i915: Fix a mismerge in 3.7.y that leads to divide-by-zero in i915_update_wm * Fri Feb 15 2013 Josh Boyer <jwboyer@redhat.com> - CVE-2013-0290 net: infinite loop in __skb_recv_datagram (rhbz 911479 911473) * Thu Feb 14 2013 Justin M. Forbes <jforbes@redhat.com> - 3.7.8-201 - Linux v3.7.8 * Thu Feb 14 2013 Adam Jackson <ajax@redhat.com> - i915: Hush asserts during TV detection, just useless noise - i915: Fix LVDS downclock to not cripple performance (#901951) * Thu Feb 14 2013 Josh Boyer <jwboyer@redhat.com> - Add patch to fix corruption on newer M6116 SATA bridges (rhbz 909591) - CVE-2013-0228 xen: xen_iret() invalid %ds local DoS (rhbz 910848 906309) * Tue Feb 12 2013 Dave Jones <davej@redhat.com> - Add networking queue for next stable release. * Tue Feb 12 2013 Dave Jones <davej@redhat.com> - mm: Check if PUD is large when validating a kernel address * Tue Feb 12 2013 Dave Jones <davej@redhat.com> - Silence brcmsmac warnings. (Fixed in 3.8, but not backporting to 3.7) * Tue Feb 12 2013 Justin M. Forbes <jforbes@redhat.com> - Linux v3.7.7 * Mon Feb 11 2013 Josh Boyer <jwboyer@redhat.com> - Add patch from Kees Cook to restrict MSR writting in secure boot mode - Add patch to honor MokSBState (rhbz 907406) * Thu Feb 7 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Minor ARM build fixes * Wed Feb 6 2013 Josh Boyer <jwboyer@redhat.com> - Add patch to fix ath9k dma stop checks (rhbz 892811) * Mon Feb 4 2013 Josh Boyer <jwboyer@redhat.com> - Linux v3.7.6 - Update secure-boot patchset - Fix rtlwifi scheduling while atomic from Larry Finger (rhbz 903881) * Tue Jan 29 2013 Josh Boyer <jwboyer@redhat.com> - Backport driver for Cypress PS/2 trackpad (rhbz 799564) * Mon Jan 28 2013 Josh Boyer <jwboyer@redhat.com> - 3.7.5-201 - Linux v3.7.5 - Add patch to fix iwlwifi issues (rhbz 863424) * Sun Jan 27 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Build and package dtbs on ARM - Enable FB options for qemu vexpress on unified * Fri Jan 25 2013 Justin M. Forbes <jforbes@redhat.com> - Turn off THP for 32bit * Wed Jan 23 2013 Justin M. Forbes <jforbes@redhat.com> - 3.7.4-204 - brcmsmac fixes from upstream (rhbz 892428) * Wed Jan 23 2013 Dave Jones <davej@redhat.com> - Remove warnings about empty IPI masks. * Tue Jan 22 2013 Justin M. Forbes <jforbes@redhat.com> - 3.7.4-203 - Add i915 bugfix from airlied * Tue Jan 22 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Apply ARM errata fix - disable HVC_DCC and VIRTIO_CONSOLE on ARM * Tue Jan 22 2013 Josh Boyer <jwboyer@redhat.com> - Fix libata settings bug (rhbz 902523) * Mon Jan 21 2013 Josh Boyer <jwboyer@redhat.com> - 3.7.4-201 - Linux v3.7.4 * Fri Jan 18 2013 Justin M. Forbes <jforbes@redhat.com> 3.7.3-201 - Linux v3.7.3 * Thu Jan 17 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Merge 3.7 ARM kernel including unified kernel - Drop separate IMX and highbank kernels - Disable ARM PL310 errata that crash highbank * Wed Jan 16 2013 Josh Boyer <jwboyer@redhat.com> - Fix power management sysfs on non-secure boot machines (rhbz 896243) * Wed Jan 16 2013 Justin M. Forbes <jforbes@redhat.com> 3.7.2-204 - Fix for CVE-2013-0190 xen corruption with 32bit pvops (rhbz 896051 896038) * Wed Jan 16 2013 Josh Boyer <jwboyer@redhat.com> - Add patch from Stanislaw Gruszka to fix iwlegacy IBSS cleanup (rhbz 886946) * Tue Jan 15 2013 Justin M. Forbes <jforbes@redhat.com> 3.7.2-203 - Turn off Intel IOMMU by default - Stable queue from 3.7.3 with many relevant fixes * Tue Jan 15 2013 Josh Boyer <jwboyer@redhat.com> - Enable CONFIG_DVB_USB_V2 (rhbz 895460) * Mon Jan 14 2013 Josh Boyer <jwboyer@redhat.com> - Enable Orinoco drivers in kernel-modules-extra (rhbz 894069) * Fri Jan 11 2013 Justin M. Forbes <jforbes@redhat.com> 3.7.1-1 - Linux v3.7.2 - Enable Intel IOMMU by default * Thu Jan 10 2013 Dave Jones <davej@redhat.com> - Add audit-libs-devel to perf build-deps to enable trace command. (rhbz 892893) * Tue Jan 8 2013 Josh Boyer <jwboyer@redhat.com> - Add patch to fix shutdown on some machines (rhbz 890547) * Mon Jan 7 2013 Josh Boyer <jwboyer@redhat.com> - Patch to fix efivarfs underflow from Lingzhu Xiang (rhbz 888163) * Sun Jan 6 2013 Josh Boyer <jwboyer@redhat.com> - Fix version.h include due to UAPI change in 3.7 (rhbz 892373) * Fri Jan 4 2013 Josh Boyer <jwboyer@redhat.com> - Fix oops on aoe module removal (rhbz 853064) * Thu Jan 3 2013 Josh Boyer <jwboyer@redhat.com> - 3.7.1-2 - Fixup secure boot patchset for 3.7 rebase - Package bash completion script for perf * Thu Jan 3 2013 Dave Jones <davej@redhat.com> - Rebase to 3.7.1 * Wed Jan 2 2013 Josh Boyer <jwboyer@redhat.com> - Fix autofs issue in 3.6 (rhbz 874372) - BR the hostname package (rhbz 886113) * Mon Dec 17 2012 Josh Boyer <jwboyer@redhat.com> - 3.6.11-3 - Linux v3.6.11 * Mon Dec 17 2012 Dennis Gilmore <dennis@ausil.us> - disable gpiolib on vexpress * Mon Dec 17 2012 Josh Boyer <jwboyer@redhat.com> - Fix oops in sony-laptop setup (rhbz 873107) * Wed Dec 12 2012 Josh Boyer <jwboyer@redhat.com> - 3.6.10-5 - Fix infinite loop in efi signature parser - Don't error out if db doesn't exist -------------------------------------------------------------------------------- References: [ 1 ] Bug #952197 - Kernel: tracing: NULL pointer dereference https://bugzilla.redhat.com/show_bug.cgi?id=952197 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update kernel' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds