drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme im Kernel
Name: |
Zwei Probleme im Kernel |
|
ID: |
FEDORA-2015-1657 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 21 |
|
Datum: |
Fr, 6. Februar 2015, 07:34 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0239
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1465 |
|
Applikationen: |
Linux |
|
Originalnachricht |
Name : kernel Product : Fedora 21 Version : 3.18.5 Release : 201.fc21 URL : http://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package
------------------------------------------------------------------------------- - Update Information:
This update should fix the adjtimex issues seen on 32bit systems with 3.18.5-200 The 3.18.5 stable update contains a number of important fixes across the tree. The 3.18.4 stable update contains a number of important fixes across the tree. ------------------------------------------------------------------------------- - ChangeLog:
* Mon Feb 2 2015 Justin M. Forbes <jforbes@fedoraproject.org> - 3.18.5-201 - Fixup adjtimex freq validation on 32bit systems (rhbz 1188074) * Mon Feb 2 2015 Josh Boyer <jwboyer@fedoraproject.org> - CVE-XXXX-XXX DoS due to routing packets to too many different dsts/too fast (rhbz 1183744 1188347) * Fri Jan 30 2015 Justin M. Forbes <jforbes@fedoraproject.org> - 3.18.5-200 - Linux v3.18.5 * Thu Jan 29 2015 Josh Boyer <jwboyer@fedoraproject.org> - Backport patch from Rob Clark to toggle i915 state machine checks - Disable i915 state checks * Tue Jan 27 2015 Justin M. Forbes <jforbes@fedoraproject.org> - 3.18.4-200 - Linux v3.18.4 * Tue Jan 27 2015 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2015-0239 kvm: insufficient sysenter emulation from 16-bit (rhbz 1186448 1186453) * Mon Jan 19 2015 Justin M. Forbes <jforbes@fedoraproject.org> - 3.18.3-201 - Add fixes from 3.18.4 queue to fix i915 issues (rhbz 1183232) - xhci: Check if slot is already in default state before moving it there (rhbz 1183289) * Fri Jan 16 2015 Justin M. Forbes <jforbes@fedoraproject.org> - 3.18.3-200 - Linux v3.18.3 * Thu Jan 15 2015 Justin M. Forbes <jforbes@fedoraproject.org> - Build fixes for big-endian arches * Tue Jan 13 2015 Justin M. Forbes <jforbes@fedoraproject.org> - 3.18.2-200 - Linux v3.18.2 * Mon Jan 12 2015 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-9585 ASLR brute-force possible for vdso (rhbz 1181054 1181056) - Backlight fixes for Samsung and Dell machines (rhbz 1094948 1115713 1163574) - Add various UAS quirks (rhbz 1124119) - Add patch to fix loop in VDSO (rhbz 1178975) * Thu Jan 8 2015 Justin M. Forbes <jforbes@fedoraproject.org> - 3.17.8-300 - Linux v3.17.8 * Wed Jan 7 2015 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-9529 memory corruption or panic during key gc (rhbz 1179813 1179853) - Enable POWERCAP and INTEL_RAPL * Tue Jan 6 2015 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-9419 partial ASLR bypass through TLS base addr leak (rhbz 1177260 1177263) - CVE-2014-9428 remote DoS via batman-adv (rhbz 1178826 1178833) - Fix CIFS login issue (rhbz 1163927) * Mon Dec 29 2014 Josh Boyer <jwboyer@fedoraproject.org> - Enable F2FS (rhbz 972446) * Thu Dec 18 2014 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-8989 userns can bypass group restrictions (rhbz 1170684 1170688) - Fix dm-cache crash (rhbz 1168434) - Fix blk-mq crash on CPU hotplug (rhbz 1175261) * Wed Dec 17 2014 Josh Boyer <jwboyer@fedoraproject.org> - Enable USBIP in modules-extra from Johnathan Dieter (rhbz 1169478) - CVE-2014-XXXX isofs: infinite loop in CE record entries (rhbz 1175235 1175250) * Tue Dec 16 2014 Josh Boyer <jwboyer@fedoraproject.org> - Linux v3.17.7 - CVE-2014-8559 deadlock due to incorrect usage of rename_lock (rhbz 1159313 1173814) - Add patch from Josh Stone to restore var-tracking via Kconfig (rhbz 1126580) * Mon Dec 15 2014 Josh Boyer <jwboyer@fedoraproject.org> - Fix ppc64 boot with smt-enabled=off (rhbz 1173806) - CVE-2014-8133 x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS (rhbz 1172797 1174374) * Fri Dec 12 2014 Kyle McMartin <kyle@fedoraproject.org> - build in ahci_platform on aarch64 temporarily. * Fri Dec 12 2014 Josh Boyer <jwboyer@fedoraproject.org> - Remove pointless warning in cfg80211 (rhbz 1172543) * Wed Dec 10 2014 Josh Boyer <jwboyer@fedoraproject.org> - Fix MSI issues on another Samsung pci-e SSD (rhbz 1084928) - Fix UAS crashes with Seagate and Fresco Logic drives (rhbz 1164945) - CVE-2014-8134 fix espfix for 32-bit KVM paravirt guests (rhbz 1172765 1172769) * Mon Dec 8 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.17.6-300 - Linux v3.17.6 * Fri Dec 5 2014 Kyle McMartin <kyle@fedoraproject.org> - 3.17.4-303 - arm64-fix-xgene_enet_process_ring.patch: fix a panic under load. * Thu Dec 4 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.17.4-302 - CVE-2014-9090 local DoS via do_double_fault due to improper SS faults (rhbz 1170691) * Thu Dec 4 2014 Kyle McMartin <kyle@fedoraproject.org> - kernel-arm64.patch: update. - arm64-force-serial-to-be-active-consdev.patch: force serial consoles to be the primary console device instead of defaulting to tty0. No changes to drivers outside of ARM-land. - arm64-vgic-error-to-info.patch: change an error to a warning so that kvm will work. * Mon Dec 1 2014 Josh Boyer <jwboyer@fedoraproject.org> - Add patch to quiet i915 driver on long hdps - Add patch to fix oops when using xpad (rhbz 1094048) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1183744 - CVE-2015-1465 kernel: net: DoS due to routing packets to too many different dsts/too fast https://bugzilla.redhat.com/show_bug.cgi?id=1183744 [ 2 ] Bug #1186448 - CVE-2015-0239 kernel: kvm: insufficient sysenter emulation when invoked from 16-bit code https://bugzilla.redhat.com/show_bug.cgi?id=1186448 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update kernel' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|