Login
Newsletter
Werbung

Sicherheit: Preisgabe von Informationen in Linux
Aktuelle Meldungen Distributionen
Name: Preisgabe von Informationen in Linux
ID: FEDORA-2015-12917
Distribution: Fedora
Plattformen: Fedora 21
Datum: Mi, 12. August 2015, 10:25
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5697
Applikationen: Linux

Originalnachricht

Name        : kernel
Product : Fedora 21
Version : 4.1.4
Release : 100.fc21
URL : http://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

-------------------------------------------------------------------------------
-
Update Information:

Update to latest upstream stable release, Linux v4.1.4. Fixes across the tree.
-------------------------------------------------------------------------------
-
ChangeLog:

* Mon Aug 3 2015 Josh Boyer <jwboyer@fedoraproject.org> - 4.1.4-100
- Linux v4.1.4
- CVE-2015-5697 info leak in md driver (rhbz 1249011 1249013)
* Wed Jul 29 2015 Laura Abbott <labbott@fedoraproject.org> - 4.1.3-100
- Change tag for build since a previous build never happened
* Mon Jul 27 2015 Laura Abbott <labbott@fedoraproject.org>
- CVE-2015-3290 CVE-2015-3291 NMI issues (rhbz 1243465 1245927)
* Mon Jul 27 2015 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2015-1333 add_key memory leak (rhbz 1244171)
* Thu Jul 23 2015 Laura Abbott <labbott@fedoraproject.org>
- Linux v4.1.3 rebase
- Fix warning from pcmcia (rhbz 1180920 1206724)
* Wed Jul 22 2015 Laura Abbott <labbott@fedoraproject.org> - 4.0.9-200
- Linux v4.0.9
- Add patches for Ideapad RF switches (rhbz 1192270)
* Fri Jul 10 2015 Laura Abbott <labbott@redhat.com> - 4.0.8-200
- Linux v4.0.8
* Tue Jul 7 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Drop incorrect patches for now (rhbz 1212230)
* Mon Jun 29 2015 Laura Abbott <labbott@fedoraproject.org> - 4.0.7-200
- Linux v4.0.7
* Tue Jun 23 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
4.0.6-200
- Linux v4.0.6
* Thu Jun 18 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Add patch to fix touchpad issues on Razer machines (rhbz 1227891)
* Fri Jun 12 2015 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2015-XXXX kvm: NULL ptr deref in kvm_apic_has_events (rhbz 1230770
1230774)
* Thu Jun 11 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Backport fixes for synaptic 3 finger tap (rhbz 1212230)
- Backport btrfs fixes queued for stable (rhbz 1217191)
* Tue Jun 9 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Fix touchpad for Thinkpad S540 (rhbz 1223051)
* Mon Jun 8 2015 Josh Boyer <jwboyer@fedoraproject.org> - 4.0.5-200
- Linux v4.0.5
* Thu Jun 4 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Backport commit to fix block spew (rhbz 1226621)
- Add patch to fix SMT guests on POWER7 (rhbz 1227877)
- Add patch to turn of WC mmaps on i915 from airlied (rhbz 1226743)
* Wed Jun 3 2015 Laura Abbott <labbott@fedoraproject.org>
- Fix del_timer_sync in mwifiex
* Wed Jun 3 2015 Laura Abbott <labbott@fedoraproject.org>
- Drop that blasted firwmare warning until we get a real fix (rhbz 1133378)
* Wed Jun 3 2015 Laura Abbott <labbott@fedoraproject.org>
- Fix auditing of canonical mode (rhbz 1188695)
* Wed Jun 3 2015 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2015-1420 fhandle race condition (rhbz 1187534 1227417)
* Tue Jun 2 2015 Laura Abbott <labbott@fedoraproject.org>
- Fix fd_do_rw error (rhbz 1218882)
* Tue Jun 2 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Fix middle button issues on external Lenovo keyboards (rhbz 1225563)
* Thu May 28 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Add quirk for Mac Pro backlight (rhbz 1217249)
* Wed May 27 2015 Josh Boyer <jwboyer@fedoraproject.org> - 4.0.4-202
- Apply queued fixes for crasher reported by Alex Larsson
* Tue May 26 2015 Laura Abbott <labbott@fedoraproject.org>
- Fix signed division error (rhbz 1200353)
* Tue May 26 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Backport patch to fix might_sleep splat (rhbz 1220519)
* Thu May 21 2015 Josh Boyer <jwboyer@fedoraproject.org> - 4.0.4-201
- Add patch to fix discard on md RAID0 (rhbz 1223332)
- Add submitted stable fix for i915 flickering on ilk (rhbz 1218688)
* Mon May 18 2015 Laura Abbott <labbott@fedoraproject.org>
- Re-add the v4l2 query caps patch which was dropped
* Mon May 18 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Fix incorrect bandwidth on some Chicony webcams
* Mon May 18 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
4.0.4-200
- Disable YAMA for F21
- Linux v4.0.4
* Fri May 15 2015 Laura Abbott <labbott@fedoraproject.org>
- Fix DVB oops (rhbz 1220118)
* Thu May 14 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
4.0.3-201
- Linux v4.0.3
- Disable i915 verbose state checks
* Mon May 11 2015 Laura Abbott <labbott@fedoraproject.org> - 3.19.8-200
- Linux v3.19.8
* Thu May 7 2015 Laura Abbott <labbott@fedoraproject.org> - 3.19.7-200
- Linux v3.19.7
* Tue May 5 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Backport patch to blacklist TRIM on all Samsung 8xx series SSDs (rhbz
1218662)
- CVE-2015-3636 ping-sockets use-after-free privilege escalation (rhbz 1218074
1218110)
* Thu Apr 30 2015 Laura Abbott <labbott@fedoraproject.org> - 3.19.6-200
- Linux v3.19.6
* Thu Apr 30 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Fix backlight on various Toshiba machines (rhbz 1206036 1215989)
* Tue Apr 28 2015 Laura Abbott <labbott@fedoraproject.org>
- Fix more missing v4l2 caps
* Fri Apr 24 2015 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2015-3339 race condition between chown and execve (rhbz 1214030)
- Fix iscsi with QNAP devices (rhbz 1208999)
* Thu Apr 23 2015 Laura Abbott <labbott@fedoraproject.com>
- Fix noisy iwlwifi warning (rhbz 1205083)
* Mon Apr 20 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.19.5-200
- Linux v3.19.5
* Fri Apr 17 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Allow disabling raw mode in logitech-hidpp (rhbz 1210801)
* Wed Apr 15 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Add patch to fix tty closure race (rhbz 1208953)
* Mon Apr 13 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.19.4-200
- Linux v3.19.4
* Thu Apr 2 2015 Josh Boyer <jwboyer@fedoraproject.org>
- DoS against IPv6 stacks due to improper handling of RA (rhbz 1203712 1208491)
* Wed Apr 1 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Backport patch to fix tg3 deadlock (rhbz 1207789)
- Fix gssproxy (rhbz 1203913)
- CVE-2015-2150 xen: NMIs triggerable by guests (rhbz 1196266 1200397)
* Thu Mar 26 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.19.3-200
- Linux v3.19.3
* Thu Mar 26 2015 Peter Robinson <pbrobinson@fedoraproject.org>
- Disable the broken CONFIG_MSM_IOMMU
* Tue Mar 24 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Fix tun bug causing Juniper VPN failure (rhbz 1204512)
* Mon Mar 23 2015 Josh Boyer <jwboyer@fedoraproject.org> - 3.19.2-201
- Enable CONFIG_SND_BEBOB (rhbz 1204342)
- Validate iovec range in sys_sendto/sys_recvfrom
- CVE-2015-2666 execution in the early microcode loader (rhbz 1204724 1204722)
* Mon Mar 23 2015 Peter Robinson <pbrobinson@fedoraproject.org>
- Refix Panda on ARMv7 crash on boot
* Fri Mar 20 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Fix brightness on Lenovo Ideapad Z570 (rhbz 1187004)
* Thu Mar 19 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.19.2-200
- Linux v3.19.2
* Wed Mar 18 2015 Peter Robinson <pbrobinson@fedoraproject.org>
- Add upstream aarch64 patch to fix hang due to cache invalidation bug
- Fix aarch64 DTBs now they're in vendor sub dirs
* Tue Mar 17 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.19.1-201
- Re-add patch to quiet i915 state machine
* Mon Mar 16 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.19.1-200
- Linux v3.19.1
* Fri Mar 13 2015 Kyle McMartin <kyle@fedoraproject.org>
- arm64-revert-tlb-rcu_table_free.patch: revert 5e5f6dc1 which causes
lockups on arm64 machines.
- Add kernel-4* to .gitignore.
- arm64-fix-ooo-descriptor-read.patch: fix an xgene-enet crash.
* Fri Mar 13 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Add patch to support clickpads (rhbz 1201532)
* Thu Mar 12 2015 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2014-8159 infiniband: uverbs: unprotected physical memory access (rhbz
1181166 1200950)
* Wed Mar 11 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Fix blank screen after resume with various radeon devices (rhbz 1069027)
- CVE-2015-2150 xen: NMIs triggerable by guests (rhbz 1196266 1200397)
- Patch series to fix Lenovo *40 and Carbon X1 touchpads (rhbz 1200777 1200778)
* Tue Mar 10 2015 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2015-2042 rds: information handling flaw in sysctl (rhbz 1195355 1199365)
* Mon Mar 9 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.18.9-200
- Linux v3.18.9
* Mon Mar 2 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Add patch to fix nfsd soft lockup (rhbz 1185519)
- Enable ET131X driver (rhbz 1197842)
* Sat Feb 28 2015 Peter Robinson <pbrobinson@fedoraproject.org>
- Fix Panda on ARMv7 crash on boot
* Fri Feb 27 2015 Kyle McMartin <kyle@fedoraproject.org> - 3.18.8-201
- Fix up aarch64 build... mis-merge in kernel-arm64.patch.
* Fri Feb 27 2015 Josh Boyer <jwboyer@fedoraproject.org> - 3.18.8-200
- Linux v3.18.8
* Thu Feb 26 2015 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2015-1421 sctp: slab corruption from use after free on INIT collisions
(rhbz 1196581 1196595)
* Wed Feb 25 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Add support for AR5B195 devices from Alexander Ploumistos (rhbz 1190947)
* Tue Feb 24 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Fix ext4 remount with journal_checksum option (rhbz 1190933)
* Mon Feb 23 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Add patch for HID i2c from Seth Forshee (rhbz 1188439)
- CVE-2015-0275 ext4: fallocate zero range page size > block size BUG (rhbz
1193907 1195178)
* Fri Feb 20 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Move mtpspi and related mods to kernel-core for VMWare guests (rhbz 1194612)
* Mon Feb 16 2015 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-XXXX-XXXX potential memory corruption in vhost/scsi driver (rhbz 1189864
1192079)
- CVE-2015-1593 stack ASLR integer overflow (rhbz 1192519 1192520)
* Wed Feb 11 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.18.7-200
- Linux v3.18.7
- Add disable_native_backlight quirk for Samsung 510R (rhbz 1186097)
* Fri Feb 6 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.18.6-200
- Linux v3.18.6
* Mon Feb 2 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.18.5-201
- Fixup adjtimex freq validation on 32bit systems (rhbz 1188074)
* Mon Feb 2 2015 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-XXXX-XXX DoS due to routing packets to too many different dsts/too fast
(rhbz 1183744 1188347)
* Fri Jan 30 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.18.5-200
- Linux v3.18.5
* Thu Jan 29 2015 Josh Boyer <jwboyer@fedoraproject.org>
- Backport patch from Rob Clark to toggle i915 state machine checks
- Disable i915 state checks
* Tue Jan 27 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.18.4-200
- Linux v3.18.4
* Tue Jan 27 2015 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2015-0239 kvm: insufficient sysenter emulation from 16-bit (rhbz 1186448
1186453)
* Mon Jan 19 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.18.3-201
- Add fixes from 3.18.4 queue to fix i915 issues (rhbz 1183232)
- xhci: Check if slot is already in default state before moving it there (rhbz
1183289)
* Fri Jan 16 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.18.3-200
- Linux v3.18.3
* Thu Jan 15 2015 Justin M. Forbes <jforbes@fedoraproject.org>
- Build fixes for big-endian arches
* Tue Jan 13 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.18.2-200
- Linux v3.18.2
* Mon Jan 12 2015 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2014-9585 ASLR brute-force possible for vdso (rhbz 1181054 1181056)
- Backlight fixes for Samsung and Dell machines (rhbz 1094948 1115713 1163574)
- Add various UAS quirks (rhbz 1124119)
- Add patch to fix loop in VDSO (rhbz 1178975)
* Thu Jan 8 2015 Justin M. Forbes <jforbes@fedoraproject.org> -
3.17.8-300
- Linux v3.17.8
* Wed Jan 7 2015 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2014-9529 memory corruption or panic during key gc (rhbz 1179813 1179853)
- Enable POWERCAP and INTEL_RAPL
* Tue Jan 6 2015 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2014-9419 partial ASLR bypass through TLS base addr leak (rhbz 1177260
1177263)
- CVE-2014-9428 remote DoS via batman-adv (rhbz 1178826 1178833)
- Fix CIFS login issue (rhbz 1163927)
* Mon Dec 29 2014 Josh Boyer <jwboyer@fedoraproject.org>
- Enable F2FS (rhbz 972446)
* Thu Dec 18 2014 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2014-8989 userns can bypass group restrictions (rhbz 1170684 1170688)
- Fix dm-cache crash (rhbz 1168434)
- Fix blk-mq crash on CPU hotplug (rhbz 1175261)
* Wed Dec 17 2014 Josh Boyer <jwboyer@fedoraproject.org>
- Enable USBIP in modules-extra from Johnathan Dieter (rhbz 1169478)
- CVE-2014-XXXX isofs: infinite loop in CE record entries (rhbz 1175235
1175250)
* Tue Dec 16 2014 Josh Boyer <jwboyer@fedoraproject.org>
- Linux v3.17.7
- CVE-2014-8559 deadlock due to incorrect usage of rename_lock (rhbz 1159313
1173814)
- Add patch from Josh Stone to restore var-tracking via Kconfig (rhbz 1126580)
* Mon Dec 15 2014 Josh Boyer <jwboyer@fedoraproject.org>
- Fix ppc64 boot with smt-enabled=off (rhbz 1173806)
- CVE-2014-8133 x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS
(rhbz 1172797 1174374)
* Fri Dec 12 2014 Kyle McMartin <kyle@fedoraproject.org>
- build in ahci_platform on aarch64 temporarily.
* Fri Dec 12 2014 Josh Boyer <jwboyer@fedoraproject.org>
- Remove pointless warning in cfg80211 (rhbz 1172543)
* Wed Dec 10 2014 Josh Boyer <jwboyer@fedoraproject.org>
- Fix MSI issues on another Samsung pci-e SSD (rhbz 1084928)
- Fix UAS crashes with Seagate and Fresco Logic drives (rhbz 1164945)
- CVE-2014-8134 fix espfix for 32-bit KVM paravirt guests (rhbz 1172765
1172769)
* Mon Dec 8 2014 Justin M. Forbes <jforbes@fedoraproject.org> -
3.17.6-300
- Linux v3.17.6
* Fri Dec 5 2014 Kyle McMartin <kyle@fedoraproject.org> - 3.17.4-303
- arm64-fix-xgene_enet_process_ring.patch: fix a panic under load.
* Thu Dec 4 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.17.4-302
- CVE-2014-9090 local DoS via do_double_fault due to improper SS faults (rhbz
1170691)
* Thu Dec 4 2014 Kyle McMartin <kyle@fedoraproject.org>
- kernel-arm64.patch: update.
- arm64-force-serial-to-be-active-consdev.patch: force serial consoles
to be the primary console device instead of defaulting to tty0. No
changes to drivers outside of ARM-land.
- arm64-vgic-error-to-info.patch: change an error to a warning so that
kvm will work.
* Mon Dec 1 2014 Josh Boyer <jwboyer@fedoraproject.org>
- Add patch to quiet i915 driver on long hdps
- Add patch to fix oops when using xpad (rhbz 1094048)
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1249011 - CVE-2015-5697 linux kernel: information leak in md
driver
https://bugzilla.redhat.com/show_bug.cgi?id=1249011
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung