Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: <updates <at> fedoraproject.org>
Subject: [SECURITY] Fedora 18 Update: kernel-3.8.6-203.fc18
Newsgroups: gmane.linux.redhat.fedora.package.announce
Date: Thursday 11th April 2013 23:33:52 UTC (over 3 years ago)
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-5368
2013-04-11 09:35:00
--------------------------------------------------------------------------------

Name        : kernel
Product     : Fedora 18
Version     : 3.8.6
Release     : 203.fc18
URL         : http://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

--------------------------------------------------------------------------------
Update Information:

Update to latest stable upstream release, Linux v3.8.6.  Wide variety of
fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  9 2013 Josh Boyer <[email protected]> - 3.8.6-203
- Temporarily work around pci device assignment issues (rhbz 908888)
- CVE-2013-1929 tg3: len overflow in VPD firmware parsing (rhbz 949932
949946)
- Backport intel brightness quirk for emachines (rhbz 871932)
* Mon Apr  8 2013 Peter Robinson 
- Enable CMA on ARM tegra
- Minor tweeks to ARM OMAP
* Mon Apr  8 2013 Josh Boyer <[email protected]>
- Add patch from Benjamin Tissoires to fix race in HID magicmouse (rhbz
908604)
* Fri Apr  5 2013 Justin M. Forbes <[email protected]>
- Linux v3.8.6
* Wed Apr  3 2013 Dave Jones 
- Enable MTD_CHAR/MTD_BLOCK (Needed for SFC)
  Enable 10gigE on 64-bit only.
* Tue Apr  2 2013 Josh Boyer <[email protected]>
- Enable CONFIG_FB_MATROX_G on powerpc
- Add support for Atheros 04ca:3004 bluetooth devices (again) (rhbz 844750)
- Enable CONFIG_SCSI_DMX3191D (rhbz 919874)
* Mon Apr  1 2013 Josh Boyer <[email protected]>
- Enable the rtl8192e driver (rhbz 913753)
- Enable CONFIG_MCE_INJECT (rhbz 927353)
* Thu Mar 28 2013 Josh Boyer <[email protected]> - 3.8.5-201
- Linux v3.8.5
* Tue Mar 26 2013 Justin M. Forbes <[email protected]>
- Fix child thread introspection of of /proc/self/exe (rhbz 927469)
* Tue Mar 26 2013 Josh Boyer <[email protected]>
- Add quirk for Realtek card reader to avoid 10 sec boot delay (rhbz
806587)
- Add quirk for MSI keyboard backlight to avoid 10 sec boot delay (rhbz
907221)
* Mon Mar 25 2013 Justin M. Forbes <[email protected]>
- enable CONFIG_DRM_VMWGFX_FBCON (rhbz 927022)
- disable whci-hcd since it doesnt seem to have users (rhbz 919289)
* Sat Mar 23 2013 Peter Robinson 
- Disable Marvell Dove support for the moment as it breaks other SoCs
* Thu Mar 21 2013 Josh Boyer <[email protected]>
- Fix workqueue crash in mac80211 (rhbz 920218)
* Thu Mar 21 2013 Peter Robinson 
- Minor ARM config updates
* Wed Mar 20 2013 Justin M. Forbes <[email protected]> 3.8.4-201
- Linux v3.8.4
- CVE-2013-1873 information leaks via netlink interface (rhbz 923652
923662)
* Wed Mar 20 2013 Josh Boyer <[email protected]>
- CVE-2013-1796 kvm: buffer overflow in handling of MSR_KVM_SYSTEM_TIME
  (rhbz 917012 923966)
- CVE-2013-1797 kvm: after free issue with the handling of
MSR_KVM_SYSTEM_TIME
  (rhbz 917013 923967)
- CVE-2013-1798 kvm: out-of-bounds access in ioapic indirect register reads
  (rhbz 917017 923968)
* Mon Mar 18 2013 Justin M. Forbes
- Revert rc6 ilk changes from 3.8.3 stable (rhbz 922304)
* Mon Mar 18 2013 Peter Robinson 
- Enable OMAP RNG and mvebu dove configs
* Fri Mar 15 2013 Josh Boyer <[email protected]>
- CVE-2013-1860 usb: cdc-wdm buf overflow triggered by dev (rhbz 921970
922004)
* Thu Mar 14 2013 Justin M. Forbes <[email protected]> 3.8.3-201
- Linux v3.8.3
* Thu Mar 14 2013 Josh Boyer <[email protected]>
- Fix divide by zero on host TSC calibration failure (rhbz 859282)
* Thu Mar 14 2013 Mauro Carvalho Chehab 
- fix i7300_edac twice-mem-size-report via EDAC API (rhbz 921500)
* Tue Mar 12 2013 Josh Boyer <[email protected]>
- Add patch to fix ieee80211_do_stop (rhbz 892599)
- Add patches to fix cfg80211 issues with suspend (rhbz 856863)
- Add patch to fix Cypress trackpad on XPS 12 machines (rhbz 912166)
- CVE-2013-0913 drm/i915: head writing overflow (rhbz 920471 920529)
- CVE-2013-0914 sa_restorer information leak (rhbz 920499 920510)
* Mon Mar 11 2013 Mauro Carvalho Chehab 
- fix amd64_edac twice-mem-size-report via EDAC API (rhbz 920586)
* Mon Mar 11 2013 Josh Boyer <[email protected]>
- Add patch to fix usb_submit_urb error in uvcvideo (rhbz 879462)
- Add patch to allow "8250." prefix to keep working (rhbz 911771)
- Add patch to fix w1_search oops (rhbz 857954)
- Add patch to fix broken tty handling (rhbz 904182)
* Fri Mar  8 2013 Josh Boyer <[email protected]>
- Add turbostat and x86_engery_perf_policy debuginfo to
kernel-tools-debuginfo
* Fri Mar  8 2013 Justin M. Forbes <[email protected]>
- Revert "write backlight harder" until better solution is found (rhbz
917353)
- Update team driver from net-next from Jiri Pirko
* Fri Mar  8 2013 Josh Boyer <[email protected]>
- CVE-2013-1828 sctp: SCTP_GET_ASSOC_STATS stack buffer overflow (rhbz
919315 919316)
* Fri Mar  8 2013 Peter Robinson 
- Have kernel provide kernel-highbank for upgrade to unified
- Update mvebu configs
- Drop unused ARM patches
* Thu Mar  7 2013 Josh Boyer <[email protected]>
- Fix DMI regression (rhbz 916444)
- Fix logitech-dj HID bug from Benjamin Tissoires (rhbz 840391)
- CVE-2013-1792 keys: race condition in install_user_keyrings (rhbz 916646
919021)
* Wed Mar  6 2013 Justin M. Forbes <[email protected]>
- Remove Ricoh multifunction DMAR patch as it's no longer needed (rhbz
880051)
- Fix destroy_conntrack GPF (rhbz 859346)
* Wed Mar  6 2013 Josh Boyer <[email protected]>
- Fix regression in secure-boot acpi_rsdp patch (rhbz 906225)
- crypto: info leaks in report API (rhbz 918512 918521)
* Tue Mar  5 2013 Peter Robinson 
- Fix Beagle (omap), update vexpress
* Tue Mar  5 2013 Josh Boyer <[email protected]>
- Backport 4 fixes for efivarfs (rhbz 917984)
- Enable CONFIG_IP6_NF_TARGET_MASQUERADE
* Mon Mar  4 2013 Josh Boyer <[email protected]>
- Fix issues in nx crypto driver from Kent Yoder (rhbz 916544)
* Mon Mar  4 2013 Justin M. Forbes <[email protected]> - 3.8.2-201
- Linux v3.8.2
* Mon Mar  4 2013 Peter Robinson 
- Fix DTB generation on ARM
* Fri Mar  1 2013 Dave Jones 
- Silence "tty is NULL" trace.
* Fri Mar  1 2013 Josh Boyer <[email protected]>
- Add patches to fix sunrpc panic (rhbz 904870)
* Thu Feb 28 2013 Peter Robinson 
- Update ARM config for 3.8
* Thu Feb 28 2013 Dave Jones 
- Remove no longer needed E1000 hack.
* Thu Feb 28 2013 Dave Jones 
- Drop SPARC64 support.
* Thu Feb 28 2013 Dave Jones 
- Linux 3.8.1
  Dropped (merged in 3.8.1)
  - drm-i915-lvds-reclock-fix.patch
  - usb-cypress-supertop.patch
  - perf-hists-Fix-period-symbol_conf.field_sep-display.patch
  - ipv6-dst-from-ptr-race.patch
  - sock_diag-Fix-out-of-bounds-access-to-sock_diag_handlers.patch
  - tmpfs-fix-use-after-free-of-mempolicy-object.patch
* Thu Feb 28 2013 Dave Jones 
- Update usb-cypress-supertop.patch
* Wed Feb 27 2013 Dave Jones 
- Update ALPS patch to what got merged in 3.9-rc
* Wed Feb 27 2013 Dave Jones 
- 3.8.0
  Dropped (merged in 3.8)
  - arm-l2x0-only-set-set_debug-on-pl310-r3p0-and-earlier.patch
  - power-x86-destdir.patch
  - modsign-post-KS-jwb.patch
  - efivarfs-3.7.patch
  - handle-efi-roms.patch
  - drm-i915-Fix-up-mismerge-of-3490ea5d-in-3.7.y.patch
  - USB-report-submission-of-active-URBs.patch
  - exec-use-eloop-for-max-recursion-depth.patch
  - 8139cp-revert-set-ring-address-before-enabling-receiver.patch
  - 8139cp-set-ring-address-after-enabling-C-mode.patch
  - 8139cp-re-enable-interrupts-after-tx-timeout.patch
  - brcmsmac-updates-rhbz892428.patch
  - silence-brcmsmac-warning.patch
  - net-fix-infinite-loop-in-__skb_recv_datagram.patch
  - Bluetooth-Add-support-for-Foxconn-Hon-Hai-0489-e056.patch
  - 0001-bluetooth-Add-support-for-atheros-04ca-3004-device-t.patch
  Needs checking:
  - arm-tegra-nvec-kconfig.patch
  - arm-tegra-sdhci-module-fix.patch
* Tue Feb 26 2013 Justin M. Forbes <[email protected]>
- Avoid recursion in put_user_ns, potential overflow
* Tue Feb 26 2013 Josh Boyer <[email protected]>
- CVE-2013-1767 tmpfs: fix use-after-free of mempolicy obj (rhbz
915592,915716)
- Fix vmalloc_fault oops during lazy MMU (rhbz 914737)
* Mon Feb 25 2013 Josh Boyer <[email protected]>
- Honor dmesg_restrict for /dev/kmsg (rhbz 903192)
* Sun Feb 24 2013 Josh Boyer <[email protected]> - 3.7.9-205
- CVE-2013-1763 sock_diag: out-of-bounds access to sock_diag_handlers (rhbz
915052,915057)
* Fri Feb 22 2013 Josh Boyer <[email protected]>
- Add support for bluetooth in Acer Aspire S7 (rhbz 879408)
* Thu Feb 21 2013 Neil Horman 
- Fix crash from race in ipv6 dst entries (rhbz 892060)
* Wed Feb 20 2013 Josh Boyer <[email protected]>
- Fix perf report field separator issue (rhbz 906055)
- Fix oops from acpi_rsdp setup in secure-boot patchset (rhbz 906225)
* Tue Feb 19 2013 Josh Boyer <[email protected]>
- Add support for Atheros 04ca:3004 bluetooth devices (rhbz 844750)
- Backport support for newer ALPS touchpads (rhbz 812111)
* Tue Feb 19 2013 Peter Robinson 
- Fix OMAP thermal driver by building it in (seems it doesn't auto load
when a module)
* Mon Feb 18 2013 Justin M. Forbes <[email protected]> - 3.7.9-201
- Linux v3.7.9
* Mon Feb 18 2013 Adam Jackson 
- CVE-2013-0290 net: infinite loop in __skb_recv_datagram (rhbz 911479
911473)
* Thu Feb 14 2013 Justin M. Forbes <[email protected]> - 3.7.8-201
- Linux v3.7.8
* Thu Feb 14 2013 Adam Jackson 
- i915: Hush asserts during TV detection, just useless noise
- i915: Fix LVDS downclock to not cripple performance (#901951)
* Thu Feb 14 2013 Josh Boyer <[email protected]>
- Add patch to fix corruption on newer M6116 SATA bridges (rhbz 909591)
- CVE-2013-0228 xen: xen_iret() invalid %ds local DoS (rhbz 910848 906309)
* Tue Feb 12 2013 Dave Jones 
- Add networking queue for next stable release.
* Tue Feb 12 2013 Dave Jones 
- mm: Check if PUD is large when validating a kernel address
* Tue Feb 12 2013 Dave Jones 
- Silence brcmsmac warnings. (Fixed in 3.8, but not backporting to 3.7)
* Tue Feb 12 2013 Justin M. Forbes <[email protected]>
- Linux v3.7.7
* Mon Feb 11 2013 Josh Boyer <[email protected]>
- Add patch from Kees Cook to restrict MSR writting in secure boot mode
- Add patch to honor MokSBState (rhbz 907406)
* Thu Feb  7 2013 Peter Robinson 
- Minor ARM build fixes
* Wed Feb  6 2013 Josh Boyer <[email protected]>
- Add patch to fix ath9k dma stop checks (rhbz 892811)
* Mon Feb  4 2013 Josh Boyer <[email protected]>
- Linux v3.7.6
- Update secure-boot patchset
- Fix rtlwifi scheduling while atomic from Larry Finger (rhbz 903881)
* Tue Jan 29 2013 Josh Boyer <[email protected]>
- Backport driver for Cypress PS/2 trackpad (rhbz 799564)
* Mon Jan 28 2013 Josh Boyer <[email protected]> - 3.7.5-201
- Linux v3.7.5
- Add patch to fix iwlwifi issues (rhbz 863424)
* Sun Jan 27 2013 Peter Robinson 
- Build and package dtbs on ARM
- Enable FB options for qemu vexpress on unified
* Fri Jan 25 2013 Justin M. Forbes <[email protected]>
- Turn off THP for 32bit
* Wed Jan 23 2013 Justin M. Forbes <[email protected]> - 3.7.4-204
- brcmsmac fixes from upstream (rhbz 892428)
* Wed Jan 23 2013 Dave Jones 
- Remove warnings about empty IPI masks.
* Tue Jan 22 2013 Justin M. Forbes <[email protected]> - 3.7.4-203
- Add i915 bugfix from airlied
* Tue Jan 22 2013 Peter Robinson 
- Apply ARM errata fix
- disable HVC_DCC and VIRTIO_CONSOLE on ARM
* Tue Jan 22 2013 Josh Boyer <[email protected]>
- Fix libata settings bug (rhbz 902523)
* Mon Jan 21 2013 Josh Boyer <[email protected]> - 3.7.4-201
- Linux v3.7.4
* Fri Jan 18 2013 Justin M. Forbes <[email protected]> 3.7.3-201
- Linux v3.7.3
* Thu Jan 17 2013 Peter Robinson 
- Merge 3.7 ARM kernel including unified kernel
- Drop separate IMX and highbank kernels
- Disable ARM PL310 errata that crash highbank
* Wed Jan 16 2013 Josh Boyer <[email protected]>
- Fix power management sysfs on non-secure boot machines (rhbz 896243)
* Wed Jan 16 2013 Justin M. Forbes <[email protected]>  3.7.2-204
- Fix for CVE-2013-0190 xen corruption with 32bit pvops (rhbz 896051
896038)
* Wed Jan 16 2013 Josh Boyer <[email protected]>
- Add patch from Stanislaw Gruszka to fix iwlegacy IBSS cleanup (rhbz
886946)
* Tue Jan 15 2013 Justin M. Forbes <[email protected]> 3.7.2-203
- Turn off Intel IOMMU by default
- Stable queue from 3.7.3 with many relevant fixes
* Tue Jan 15 2013 Josh Boyer <[email protected]>
- Enable CONFIG_DVB_USB_V2 (rhbz 895460)
* Mon Jan 14 2013 Josh Boyer <[email protected]>
- Enable Orinoco drivers in kernel-modules-extra (rhbz 894069)
* Fri Jan 11 2013 Justin M. Forbes <[email protected]> 3.7.1-1
- Linux v3.7.2
- Enable Intel IOMMU by default
* Thu Jan 10 2013 Dave Jones 
- Add audit-libs-devel to perf build-deps to enable trace command. (rhbz
892893)
* Tue Jan  8 2013 Josh Boyer <[email protected]>
- Add patch to fix shutdown on some machines (rhbz 890547)
* Mon Jan  7 2013 Josh Boyer <[email protected]>
- Patch to fix efivarfs underflow from Lingzhu Xiang (rhbz 888163)
* Sun Jan  6 2013 Josh Boyer <[email protected]>
- Fix version.h include due to UAPI change in 3.7 (rhbz 892373)
* Fri Jan  4 2013 Josh Boyer <[email protected]>
- Fix oops on aoe module removal (rhbz 853064)
* Thu Jan  3 2013 Josh Boyer <[email protected]> - 3.7.1-2
- Fixup secure boot patchset for 3.7 rebase
- Package bash completion script for perf
* Thu Jan  3 2013 Dave Jones 
- Rebase to 3.7.1
* Wed Jan  2 2013 Josh Boyer <[email protected]>
- Fix autofs issue in 3.6 (rhbz 874372)
- BR the hostname package (rhbz 886113)
* Mon Dec 17 2012 Josh Boyer <[email protected]> - 3.6.11-3
- Linux v3.6.11
* Mon Dec 17 2012 Dennis Gilmore 
- disable gpiolib on vexpress
* Mon Dec 17 2012 Josh Boyer <[email protected]>
- Fix oops in sony-laptop setup (rhbz 873107)
* Wed Dec 12 2012 Josh Boyer <[email protected]> - 3.6.10-5
- Fix infinite loop in efi signature parser
- Don't error out if db doesn't exist
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #949932 - CVE-2013-1929 Kernel: tg3: buffer overflow in VPD
firmware parsing
        https://bugzilla.redhat.com/show_bug.cgi?id=949932
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on
the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/package-announce
 
CD: 3ms