Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: <updates <at> fedoraproject.org>
Subject: [SECURITY] Fedora 19 Update: kernel-3.10.11-200.fc19
Newsgroups: gmane.linux.redhat.fedora.package.announce
Date: Friday 13th September 2013 01:05:37 UTC (over 3 years ago)
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-16379
2013-09-11 00:37:22
--------------------------------------------------------------------------------

Name        : kernel
Product     : Fedora 19
Version     : 3.10.11
Release     : 200.fc19
URL         : http://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

--------------------------------------------------------------------------------
Update Information:

The 3.10.11 stable update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep  9 2013 Josh Boyer <[email protected]> 3.10.11-200
- Fix system freeze due to incorrect rt2800 initialization (rhbz 1000679)
* Mon Sep  9 2013 Justin M. Forbes <[email protected]>
- Linux v3.10.11
* Fri Aug 30 2013 Josh Boyer <[email protected]>
- Fix HID CVEs.  Absurd.
- CVE-2013-2888 rhbz 1000451 1002543 CVE-2013-2889 rhbz 999890 1002548
- CVE-2013-2891 rhbz 999960 1002555  CVE-2013-2892 rhbz 1000429 1002570
- CVE-2013-2893 rhbz 1000414 1002575 CVE-2013-2894 rhbz 1000137 1002579
- CVE-2013-2895 rhbz 1000360 1002581 CVE-2013-2896 rhbz 1000494 1002594
- CVE-2013-2897 rhbz 1000536 1002600 CVE-2013-2899 rhbz 1000373 1002604
* Thu Aug 29 2013 Justin M. Forbes <[email protected]> 3.10.10-200
- Linux v3.10.10
* Wed Aug 28 2013 Josh Boyer <[email protected]>
- Add mei patches that fix various s/r issues (rhbz 994824 989373)
* Wed Aug 21 2013 Josh Boyer <[email protected]>
- Add patch to fix brcmsmac oops (rhbz 989269)
- CVE-2013-0343 handling of IPv6 temporary addresses (rhbz 914664 999380)
* Tue Aug 20 2013 Josh Boyer <[email protected]>
- Linux v3.10.9
* Tue Aug 20 2013 Josh Boyer <[email protected]> - 3.10.8-200
- Linux v3.10.8
- CVE-2013-4254 ARM: perf: NULL pointer dereference in validate_event (rhbz
998878 998881)
* Fri Aug 16 2013 Josh Boyer <[email protected]>
- Add patch from Nathanael Noblet to fix mic on Gateway LT27 (rhbz 845699)
* Thu Aug 15 2013 Josh Boyer <[email protected]> - 3.10.7-200
- Enable memory cgroup swap accounting (rhbz 982808)
- Add patch to fix regression on TeVII S471 devices (rhbz 963715)
- Linux v3.10.7
* Mon Aug 12 2013 Justin M. Forbes <[email protected]> 3.10.6-200
- Linux v3.10.6
* Wed Aug  7 2013 Justin M. Forbes <[email protected]> 3.10.5-201
- Bump for rebuild after koji hiccup
* Wed Aug  7 2013 Josh Boyer <[email protected]>
- Add zero file length check to make sure pesign didn't fail (rhbz 991808)
* Tue Aug  6 2013 Justin M. Forbes <[email protected]> 3.10.5-200
- update s390x config [Dan Horák]
* Mon Aug  5 2013 Justin M. Forbes <[email protected]>
- Linux v3.10.5
* Thu Aug  1 2013 Josh Boyer <[email protected]>
- Fix mac80211 connection issues (rhbz 981445)
- Fix firmware issues with iwl4965 and rfkill (rhbz 977053)
- Drop hid-logitech-dj patch that was breaking enumeration (rhbz 989138)
* Wed Jul 31 2013 Josh Boyer <[email protected]>
- update s390x config [Dan Horák]
* Tue Jul 30 2013 Josh Boyer <[email protected]> - 3.10.4-300
- Revert some changes to make Logitech devices function properly (rhbz
989138)
* Mon Jul 29 2013 Josh Boyer <[email protected]>
- Fix i915 suspend/resume regression in 3.10 (rhbz 989093)
- Linux v3.10.4
- Add support for elantech v7 devices (rhbz 969473)
* Fri Jul 26 2013 Josh Boyer <[email protected]>
- Add patch to fix NULL deref in iwlwifi (rhbz 979581)
* Thu Jul 25 2013 Justin M. Forbes <[email protected]> 3.10.3-300
- Linux v3.10.3
* Wed Jul 24 2013 Justin M. Forbes <[email protected]>
- Net stable queue from davem (rhbz 987639 987656)
* Mon Jul 22 2013 Justin M. Forbes <[email protected]> 3.10.2-301
- Update secureboot patch for 3.10
* Mon Jul 22 2013 Josh Boyer <[email protected]>
- Fix timer issue in bridge code (rhbz 980254)
* Mon Jul 22 2013 Justin M. Forbes <[email protected]> 3.10.2-300
- Linux v3.10.2
* Fri Jul 19 2013 Dave Jones 
- CVE-2013-4125  ipv6: BUG_ON in fib6_add_rt2node() (rhbz 984664)
* Wed Jul 17 2013 Peter Robinson 
- Re-enable ARM
- Drop tegra subkernel as it's now multi-platform
- Enable i.MX SoC support
- Drop old ARM patches
* Wed Jul 17 2013 Dave Jones 
- Rebase to 3.10.1
  dropped:
   debug-bad-pte-dmi.patch
   debug-bad-pte-modules.patch
   arm-omap-ehci-fix.patch
   arm-omap-fixdrm.patch
   drm-ttm-exports-for-qxl.patch
   drm-qxl-driver.patch
   drm-qxl-3.10-rc7-diff.patch
   drm-qxl-access-fix.patch
   VMX-x86-handle-host-TSC-calibration-failure.patch
   forcedeth-dma-error-check.patch
   block-do-not-pass-disk-names-as-format-strings.patch
   cdrom-use-kzalloc-for-failing-hardware.patch
   vfio-Set-container-device-mode.patch
   vfio-fix-crash-on-rmmod.patch
   tulip-dma-debug-error.patch
   af_key-fix-info-leaks-in-notify-messages.patch
   ipv6-ip6_sk_dst_check-must-not-assume-ipv6-dst.patch
   arm-tegra-fixclk.patch
   cfg80211-mac80211-disconnect-on-suspend.patch
   mac80211_fixes_for_ieee80211_do_stop_while_suspend_v3.9.patch
   gssproxy-backport.patch
   ceph-fix.patch
* Fri Jul 12 2013 Dave Jones  - 3.9.9-304
- Disable LATENCYTOP/SCHEDSTATS in non-debug builds.
* Fri Jul 12 2013 Josh Boyer <[email protected]>
- Fix various overflow issues in ext4 (rhbz 976837)
- Add iwlwifi fix for connection issue (rhbz 885407)
* Thu Jul 11 2013 Kyle McMartin 
- Enable USB on i.MX based boards, patch from Niels de Vos.
* Fri Jul  5 2013 Josh Boyer <[email protected]>
- Add report fixup for Genius Gila mouse from Benjamin Tissoires (rhbz
959721)
- Add vhost-net use-after-free fix (rhbz 976789 980643)
- Add fix for timer issue in bridge code (rhbz 980254)
- CVE-2013-2232 ipv6: using ipv4 vs ipv6 structure during routing lookup in
sendmsg (rhbz 981552 981564)
* Thu Jul  4 2013 Dave Airlie 
- qxl: add suspend/resume and hibernate support
* Wed Jul  3 2013 Josh Boyer <[email protected]> 3.9.9-301
- CVE-2013-1059 libceph: Fix NULL pointer dereference in auth client code
(rhbz 977356 980341)
- CVE-2013-2234 net: information leak in AF_KEY notify (rhbz 980995 981007)
* Wed Jul  3 2013 Justin M. Forbes <[email protected]> 3.9.9-300
- Linux v3.9.9
* Wed Jul  3 2013 Josh Boyer <[email protected]>
- Add patches to fix iwl skb managment (rhbz 977040)
* Wed Jul  3 2013 Dave Airlie 
- fixup QXL driver patches to make it easier to rebase
- add qxl driver dynamic resize + multiple heads support
* Mon Jul  1 2013 Dave Airlie 
- kernel portion of qxl cursor and dynamic resize fixes.
* Fri Jun 28 2013 Peter Robinson 
- Only enable ARM A15 errata on the LPAE kernel as it breaks A8
* Fri Jun 28 2013 Dave Airlie  
- add qxl fix for missing access ok macro.
* Thu Jun 27 2013 Josh Boyer <[email protected]> - 3.9.8-300
- Linux v3.9.8
* Thu Jun 27 2013 Josh Boyer <[email protected]>
- Fix stack memory usage for DMA in ath3k (rhbz 977558)
* Wed Jun 26 2013 Josh Boyer <[email protected]>
- Add two patches to fix bridge networking issues (rhbz 880035)
* Tue Jun 25 2013 Kyle McMartin 
- Cherry pick fix out of rawhide for %{with_*} tests in module
  signing from Jan Stancek.
* Mon Jun 24 2013 Josh Boyer <[email protected]>
- Fix battery issue with bluetooth keyboards (rhbz 903741)
* Fri Jun 21 2013 Josh Boyer <[email protected]>
- Add two patches to fix iwlwifi issues in unmapping
- Add patch to fix carl9170 oops (rhbz 967271)
* Thu Jun 20 2013 Justin M. Forbes <[email protected]>
- Linux v3.9.7
* Tue Jun 18 2013 Neil Horman 
- Fix dma debug error in tulip driver (rhbz 956732)
* Tue Jun 18 2013 Dave Jones 
- Disable MTRR sanitizer by default.
* Mon Jun 17 2013 Josh Boyer <[email protected]> - 3.9.6-301
- Add patch to fix radeon issues on powerpc
* Thu Jun 13 2013 Josh Boyer <[email protected]> - 3.9.6-300
- Linux v3.9.6
- Drop a bunch of powerpc patches that were includes in 3.9.6.  Yay!
* Wed Jun 12 2013 Kyle McMartin 
- Merge 0 and %{with_lpae} so both ARM and i686 use the same
  flavours. Set %{pae} to the flavour name {lpae, PAE}. Merging
  the descriptions would be nice, but is somewhat irrelevant...
* Wed Jun 12 2013 Josh Boyer <[email protected]>
- Update gssproxy patches
- Fix KVM divide by zero error (rhbz 969644)
- Add fix for rt5390/rt3290 regression (rhbz 950735)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1000451 - CVE-2013-2888 Kernel: HID: memory corruption flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=1000451
  [ 2 ] Bug #999960 - CVE-2013-2891 Kernel: HID: steelseries: heap overflow
flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=999960
  [ 3 ] Bug #1000414 - CVE-2013-2893 Kernel: HID: LG: heap overflow flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=1000414
  [ 4 ] Bug #1000360 - CVE-2013-2895 Kernel: HID: logitech-dj: heap
overflow flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=1000360
  [ 5 ] Bug #1000536 - CVE-2013-2897 Kernel: HID: multitouch: heap overflow
flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=1000536
  [ 6 ] Bug #999890 - CVE-2013-2889 Kernel: HID: zeroplus: heap overflow
flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=999890
  [ 7 ] Bug #1000429 - CVE-2013-2892 Kernel: HID: pantherlord: heap
overflow flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=1000429
  [ 8 ] Bug #1000137 - CVE-2013-2894 Kernel: HID: lenovo-tpkbd: heap
overflow flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=1000137
  [ 9 ] Bug #1000494 - CVE-2013-2896 Kernel: HID: ntrig: NULL pointer
dereference
        https://bugzilla.redhat.com/show_bug.cgi?id=1000494
  [ 10 ] Bug #1000373 - CVE-2013-2899 Kernel: HID: picolcd_core: NULL
pointer dereference
        https://bugzilla.redhat.com/show_bug.cgi?id=1000373
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on
the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/package-announce
 
CD: 3ms