drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme im Kernel
Name: |
Mehrere Probleme im Kernel |
|
ID: |
FEDORA-2013-17012 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 19 |
|
Datum: |
Do, 19. September 2013, 08:11 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2234
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4125
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4254
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4350 |
|
Applikationen: |
Linux |
|
Originalnachricht |
Name : kernel Product : Fedora 19 Version : 3.11.1 Release : 200.fc19 URL : http://www.kernel.org/ Summary : The Linux kernel Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
------------------------------------------------------------------------------- - Update Information:
The 3.11.1 update contains a number of important fixes accross the tree. ------------------------------------------------------------------------------- - ChangeLog:
* Sat Sep 14 2013 Josh Boyer <jwboyer@fedoraproject.org> - 3.11.1-200 - Linux v3.11.1 * Fri Sep 13 2013 Kyle McMartin <kyle@redhat.com> - Fix crash-driver.patch to properly use page_is_ram. * Fri Sep 13 2013 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2013-4350 net: sctp: ipv6 ipsec encryption bug in sctp_v6_xmit (rhbz 1007872 1007903) - CVE-2013-4343 net: use-after-free TUNSETIFF (rhbz 1007733 1007741) * Thu Sep 12 2013 Josh Boyer <jwboyer@fedoraproject.org> - Update HID CVE fixes to fix crash from lenovo-tpkbd driver (rhbz 1003998) * Wed Sep 11 2013 Neil Horman <nhorman@redhat.com> - Fix pcie/acpi hotplug conflict (rhbz 963991) - Fix race in crypto larval lookup * Wed Sep 11 2013 Justin M. Forbes <jforbes@fedoraproject.org> - Linux v3.11 rebase * Mon Sep 9 2013 Josh Boyer <jwboyer@fedoraproject.org> 3.10.11-200 - Fix system freeze due to incorrect rt2800 initialization (rhbz 1000679) * Mon Sep 9 2013 Justin M. Forbes <jforbes@fedoraproject.org> - Linux v3.10.11 * Fri Aug 30 2013 Josh Boyer <jwboyer@fedoraproject.org> - Fix HID CVEs. Absurd. - CVE-2013-2888 rhbz 1000451 1002543 CVE-2013-2889 rhbz 999890 1002548 - CVE-2013-2891 rhbz 999960 1002555 CVE-2013-2892 rhbz 1000429 1002570 - CVE-2013-2893 rhbz 1000414 1002575 CVE-2013-2894 rhbz 1000137 1002579 - CVE-2013-2895 rhbz 1000360 1002581 CVE-2013-2896 rhbz 1000494 1002594 - CVE-2013-2897 rhbz 1000536 1002600 CVE-2013-2899 rhbz 1000373 1002604 * Thu Aug 29 2013 Justin M. Forbes <jforbes@fedoraproject.org> 3.10.10-200 - Linux v3.10.10 * Wed Aug 28 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add mei patches that fix various s/r issues (rhbz 994824 989373) * Wed Aug 21 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add patch to fix brcmsmac oops (rhbz 989269) - CVE-2013-0343 handling of IPv6 temporary addresses (rhbz 914664 999380) * Tue Aug 20 2013 Josh Boyer <jwboyer@fedoraproject.org> - Linux v3.10.9 * Tue Aug 20 2013 Josh Boyer <jwboyer@fedoraproject.org> - 3.10.8-200 - Linux v3.10.8 - CVE-2013-4254 ARM: perf: NULL pointer dereference in validate_event (rhbz 998878 998881) * Fri Aug 16 2013 Josh Boyer <jwboyer@fedoraproject.org> - Add patch from Nathanael Noblet to fix mic on Gateway LT27 (rhbz 845699) * Thu Aug 15 2013 Josh Boyer <jwboyer@redhat.com> - 3.10.7-200 - Enable memory cgroup swap accounting (rhbz 982808) - Add patch to fix regression on TeVII S471 devices (rhbz 963715) - Linux v3.10.7 * Mon Aug 12 2013 Justin M. Forbes <jforbes@redhat.com> 3.10.6-200 - Linux v3.10.6 * Wed Aug 7 2013 Justin M. Forbes <jforbes@redhat.com> 3.10.5-201 - Bump for rebuild after koji hiccup * Wed Aug 7 2013 Josh Boyer <jwboyer@redhat.com> - Add zero file length check to make sure pesign didn't fail (rhbz 991808) * Tue Aug 6 2013 Justin M. Forbes <jforbes@redhat.com> 3.10.5-200 - update s390x config [Dan Horák] * Mon Aug 5 2013 Justin M. Forbes <jforbes@redhat.com> - Linux v3.10.5 * Thu Aug 1 2013 Josh Boyer <jwboyer@redhat.com> - Fix mac80211 connection issues (rhbz 981445) - Fix firmware issues with iwl4965 and rfkill (rhbz 977053) - Drop hid-logitech-dj patch that was breaking enumeration (rhbz 989138) * Wed Jul 31 2013 Josh Boyer <jwboyer@redhat.com> - update s390x config [Dan Horák] * Tue Jul 30 2013 Josh Boyer <jwboyer@redhat.com> - 3.10.4-300 - Revert some changes to make Logitech devices function properly (rhbz 989138) * Mon Jul 29 2013 Josh Boyer <jwboyer@redhat.com> - Fix i915 suspend/resume regression in 3.10 (rhbz 989093) - Linux v3.10.4 - Add support for elantech v7 devices (rhbz 969473) * Fri Jul 26 2013 Josh Boyer <jwboyer@redhat.com> - Add patch to fix NULL deref in iwlwifi (rhbz 979581) * Thu Jul 25 2013 Justin M. Forbes <jforbes@redhat.com> 3.10.3-300 - Linux v3.10.3 * Wed Jul 24 2013 Justin M. Forbes <jforbes@redhat.com> - Net stable queue from davem (rhbz 987639 987656) * Mon Jul 22 2013 Justin M. Forbes <jforbes@redhat.com> 3.10.2-301 - Update secureboot patch for 3.10 * Mon Jul 22 2013 Josh Boyer <jwboyer@redhat.com> - Fix timer issue in bridge code (rhbz 980254) * Mon Jul 22 2013 Justin M. Forbes <jforbes@redhat.com> 3.10.2-300 - Linux v3.10.2 * Fri Jul 19 2013 Dave Jones <davej@redhat.com> - CVE-2013-4125 ipv6: BUG_ON in fib6_add_rt2node() (rhbz 984664) * Wed Jul 17 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Re-enable ARM - Drop tegra subkernel as it's now multi-platform - Enable i.MX SoC support - Drop old ARM patches * Wed Jul 17 2013 Dave Jones <davej@redhat.com> - Rebase to 3.10.1 dropped: debug-bad-pte-dmi.patch debug-bad-pte-modules.patch arm-omap-ehci-fix.patch arm-omap-fixdrm.patch drm-ttm-exports-for-qxl.patch drm-qxl-driver.patch drm-qxl-3.10-rc7-diff.patch drm-qxl-access-fix.patch VMX-x86-handle-host-TSC-calibration-failure.patch forcedeth-dma-error-check.patch block-do-not-pass-disk-names-as-format-strings.patch cdrom-use-kzalloc-for-failing-hardware.patch vfio-Set-container-device-mode.patch vfio-fix-crash-on-rmmod.patch tulip-dma-debug-error.patch af_key-fix-info-leaks-in-notify-messages.patch ipv6-ip6_sk_dst_check-must-not-assume-ipv6-dst.patch arm-tegra-fixclk.patch cfg80211-mac80211-disconnect-on-suspend.patch mac80211_fixes_for_ieee80211_do_stop_while_suspend_v3.9.patch gssproxy-backport.patch ceph-fix.patch * Fri Jul 12 2013 Dave Jones <davej@redhat.com> - 3.9.9-304 - Disable LATENCYTOP/SCHEDSTATS in non-debug builds. * Fri Jul 12 2013 Josh Boyer <jwboyer@redhat.com> - Fix various overflow issues in ext4 (rhbz 976837) - Add iwlwifi fix for connection issue (rhbz 885407) * Thu Jul 11 2013 Kyle McMartin <kyle@redhat.com> - Enable USB on i.MX based boards, patch from Niels de Vos. * Fri Jul 5 2013 Josh Boyer <jwboyer@redhat.com> - Add report fixup for Genius Gila mouse from Benjamin Tissoires (rhbz 959721) - Add vhost-net use-after-free fix (rhbz 976789 980643) - Add fix for timer issue in bridge code (rhbz 980254) - CVE-2013-2232 ipv6: using ipv4 vs ipv6 structure during routing lookup in sendmsg (rhbz 981552 981564) * Thu Jul 4 2013 Dave Airlie <airlied@redhat.com> - qxl: add suspend/resume and hibernate support * Wed Jul 3 2013 Josh Boyer <jwboyer@redhat.com> 3.9.9-301 - CVE-2013-1059 libceph: Fix NULL pointer dereference in auth client code (rhbz 977356 980341) - CVE-2013-2234 net: information leak in AF_KEY notify (rhbz 980995 981007) * Wed Jul 3 2013 Justin M. Forbes <jforbes@redhat.com> 3.9.9-300 - Linux v3.9.9 * Wed Jul 3 2013 Josh Boyer <jwboyer@redhat.com> - Add patches to fix iwl skb managment (rhbz 977040) * Wed Jul 3 2013 Dave Airlie <airlied@redhat.com> - fixup QXL driver patches to make it easier to rebase - add qxl driver dynamic resize + multiple heads support * Mon Jul 1 2013 Dave Airlie <airlied@redhat.com> - kernel portion of qxl cursor and dynamic resize fixes. * Fri Jun 28 2013 Peter Robinson <pbrobinson@fedoraproject.org> - Only enable ARM A15 errata on the LPAE kernel as it breaks A8 * Fri Jun 28 2013 Dave Airlie <airlied@redhat.com> - add qxl fix for missing access ok macro. * Thu Jun 27 2013 Josh Boyer <jwboyer@redhat.com> - 3.9.8-300 - Linux v3.9.8 * Thu Jun 27 2013 Josh Boyer <jwboyer@redhat.com> - Fix stack memory usage for DMA in ath3k (rhbz 977558) * Wed Jun 26 2013 Josh Boyer <jwboyer@redhat.com> - Add two patches to fix bridge networking issues (rhbz 880035) * Tue Jun 25 2013 Kyle McMartin <kyle@redhat.com> - Cherry pick fix out of rawhide for %{with_*} tests in module signing from Jan Stancek. * Mon Jun 24 2013 Josh Boyer <jwboyer@redhat.com> - Fix battery issue with bluetooth keyboards (rhbz 903741) * Fri Jun 21 2013 Josh Boyer <jwboyer@redhat.com> - Add two patches to fix iwlwifi issues in unmapping - Add patch to fix carl9170 oops (rhbz 967271) * Thu Jun 20 2013 Justin M. Forbes <jforbes@redhat.com> - Linux v3.9.7 * Tue Jun 18 2013 Neil Horman <nhorman@redhat.com> - Fix dma debug error in tulip driver (rhbz 956732) * Tue Jun 18 2013 Dave Jones <davej@redhat.com> - Disable MTRR sanitizer by default. * Mon Jun 17 2013 Josh Boyer <jwboyer@redhat.com> - 3.9.6-301 - Add patch to fix radeon issues on powerpc * Thu Jun 13 2013 Josh Boyer <jwboyer@redhat.com> - 3.9.6-300 - Linux v3.9.6 - Drop a bunch of powerpc patches that were includes in 3.9.6. Yay! * Wed Jun 12 2013 Kyle McMartin <kmcmarti@redhat.com> - Merge 0 and %{with_lpae} so both ARM and i686 use the same flavours. Set %{pae} to the flavour name {lpae, PAE}. Merging the descriptions would be nice, but is somewhat irrelevant... * Wed Jun 12 2013 Josh Boyer <jwboyer@redhat.com> - Update gssproxy patches - Fix KVM divide by zero error (rhbz 969644) - Add fix for rt5390/rt3290 regression (rhbz 950735) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1007872 - CVE-2013-4350 kernel: net: sctp: ipv6 ipsec encryption bug in sctp_v6_xmit https://bugzilla.redhat.com/show_bug.cgi?id=1007872 [ 2 ] Bug #1007733 - CVE-2013-4343 Kernel: net: use-after-free TUNSETIFF https://bugzilla.redhat.com/show_bug.cgi?id=1007733 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update kernel' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|