Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in Linux
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Linux
ID: FEDORA-2018-50075276e8
Distribution: Fedora
Plattformen: Fedora 28
Datum: Sa, 14. Juli 2018, 01:05
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13405
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13406
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13093
Applikationen: Linux

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2018-50075276e8
2018-07-13 17:31:30.787340
-------------------------------------------------------------------------------
-

Name : kernel
Product : Fedora 28
Version : 4.17.5
Release : 200.fc28
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

-------------------------------------------------------------------------------
-
Update Information:

The v4.17.5 update contains important fixes across the tree
-------------------------------------------------------------------------------
-
ChangeLog:

* Mon Jul 9 2018 Jeremy Cline <jcline@redhat.com> - 4.17.5-200
- Linux v4.17.5
- Fix CVE-2018-13405 (rhbz 1599161 1599162)
* Thu Jul 5 2018 Justin M. Forbes <jforbes@fedoraproject.org>
- Fix CVE-2018-13053 (rhbz 1597747 1597748)
- Fix CVE-2018-12896 (rhbz 1597759 1597760)
- Fix CVE-2018-13093 (rhbz 1597766 1597767)
- Fix CVE-2018-13094 (rhbz 1597771 1597772)
- Fix CVE-2018-13095 (rhbz 1597775 1597777)
* Tue Jul 3 2018 Justin M. Forbes <jforbes@fedoraproject.org> -
4.17.4-200
- Linux v4.17.4
* Fri Jun 29 2018 Jeremy Cline <jeremy@jcline.org>
- Revert the CRNG init patches (rhbz 1572944)
* Thu Jun 28 2018 Jeremy Cline <jeremy@jcline.org>
- Fix CVE-2018-12714 (rhbz 1595835 1595837)
* Tue Jun 26 2018 Laura Abbott <labbott@redhat.com>
- Enable leds-pca9532 module (rhbz 1595163)
* Tue Jun 26 2018 Jeremy Cline <jcline@redhat.com> - 4.17.3-200
- Linux v4.17.3
* Mon Jun 25 2018 Laura Abbott <labbott@fedoraproject.org>
- Some webcam fixes (rhbz 1592454 1590304)
- Fix for armv7 siginfo ABI regression (rhbz 1591516)
* Fri Jun 22 2018 Justin M. Forbes <jforbes@fedoraproject.org>
- Fix CVE-2018-12633 (rhbz 1594170 1594172)
* Thu Jun 21 2018 Laura Abbott <labbott@fedoraproject.org>
- Fix for Xen MTU issue (rhbz 1584216)
* Thu Jun 21 2018 Peter Robinson <pbrobinson@fedoraproject.org>
- Add fix for 96boards DB410c
* Tue Jun 19 2018 Jeremy Cline <jeremy@jcline.org>
- Re-apply the XPS 13 9370 backlight, ath10k bandwidth, and kexec patches
- Don't log an error if RTC_NVMEM isn't enabled (rhbz 1568276)
* Mon Jun 18 2018 Justin M. Forbes <jforbes@fedoraproject.org> -
4.17.2-200
- Linux v4.17.2 Rebase
* Sun Jun 17 2018 Jeremy Cline <jcline@redhat.com> - 4.16.16-300
- Linux v4.16.16
* Tue Jun 12 2018 Jeremy Cline <jeremy@jcline.org>
- Fix a crash in ath10k when bandwidth changes (rhbz 1577106)
- Fix kexec_file_load pefile signature verification (rhbz 1470995)
* Tue Jun 12 2018 Justin M. Forbes <jforbes@fedoraproject.org>
- Fix CVE-2018-12232 (rhbz 1590215 1590216)
* Mon Jun 11 2018 Jeremy Cline <jeremy@jcline.org> - 4.16.15-300
- Fix for the keyboard backlight on Dell XPS 13 9370
- Linux v4.16.15
* Mon Jun 11 2018 Justin M. Forbes <jforbes@fedoraproject.org>
- Fix CVE-2018-10853 (rhbz 1589890 1589892)
* Tue Jun 5 2018 Jeremy Cline <jeremy@jcline.org>
- Enable CONFIG_SCSI_DH on s390x (rhbz 1586189)
* Tue Jun 5 2018 Jeremy Cline <jcline@redhat.com> - 4.16.14-300
- Linux v4.16.14
* Mon Jun 4 2018 Jeremy Cline <jeremy@jcline.org>
- Drop SanDisk SD7UB3Q*G1001 NOLPM quirk (rhbz 1583207)
* Wed May 30 2018 Jeremy Cline <jcline@redhat.com> - 4.16.13-300
- Linux v4.16.13
- Fixes CVE-2018-11506 (rhbz 1583210 1583213)
* Fri May 25 2018 Jeremy Cline <jcline@redhat.com> - 4.16.12-300
- Linux v4.16.12
- Fix CVE-2018-10840 (rhbz 1582346 1582348)
- Fix for incorrect error message about parsing PCCT (rhbz 1435837)
* Tue May 22 2018 Jeremy Cline <jcline@redhat.com> - 4.16.11-300
- Linux v4.16.11
* Mon May 21 2018 Justin M. Forbes <jforbes@fedoraproject.org> -
4.16.10-301
- Fix CVE-2018-3639 (rhbz 1566890 1580713)
* Mon May 21 2018 Jeremy Cline <jcline@redhat.com> - 4.16.10-300
- Linux v4.16.10
* Sun May 20 2018 Hans de Goede <hdegoede@redhat.com>
- Enable GPIO_AMDPT, PINCTRL_AMD and X86_AMD_PLATFORM_DEVICE Kconfig options
to fix i2c and GPIOs not working on AMD based laptops (rhbz#1510649)
* Thu May 17 2018 Justin M. Forbes <jforbes@fedoraproject.org>
- Fix CVE-2018-1120 (rhbz 1575472 1579542)
* Thu May 17 2018 Jeremy Cline <jcline@redhat.com> - 4.16.9-300
- Linux v4.16.9
- Silence unwanted "swiotlb buffer is full" warnings (rhbz 1556797)
* Wed May 9 2018 Jeremy Cline <jeremy@jcline.org>
- Workaround for m400 uart irq firmware description (rhbz 1574718)
* Wed May 9 2018 Jeremy Cline <jeremy@jcline.org> - 4.16.8-300
- Linux v4.16.8
* Mon May 7 2018 Jeremy Cline <jeremy@jcline.org>
- Fix issue with KVM on older Core 2 processors (rhbz 1566258)
* Sat May 5 2018 Peter Robinson <pbrobinson@fedoraproject.org>
- ARM and Raspberry Pi fixes
- Fix USB-2 on Tegra devices
* Fri May 4 2018 Laura Abbott <labbott@redhat.com>
- Fix for building out of tree modules on powerpc (rhbz 1574604)
* Fri May 4 2018 Justin M. Forbes <jforbes@fedoraproject.org>
- Fix CVE-2018-10322 (rhbz 1571623 1571624)
- Fix CVE-2018-10323 (rhbz 1571627 1571630)
* Wed May 2 2018 Jeremy Cline <jeremy@jcline.org> - 4.16.7-300
- Linux v4.16.7
* Tue May 1 2018 Jeremy Cline <jeremy@jcline.org> - 4.16.6-302
- Revert the entire random series from 4.16.4 (rhbz 1572944)
* Tue May 1 2018 Jeremy Cline <jeremy@jcline.org> - 4.16.6-301
- Revert the fix for CVE-2018-1108 (rhbz 1572944)
* Mon Apr 30 2018 Jeremy Cline <jeremy@jcline.org> - 4.16.6-300
- Linux v4.16.6
* Fri Apr 27 2018 Jeremy Cline <jeremy@jcline.org> - 4.16.5-300
- Fix an issue with bluetooth autosupsend on some XPS 13 9360 (rhbz 1514836)
- Fix prlimit64 with RLIMIT_CPU ignored (rhbz 1568337)
- Linux v4.16.5
* Fri Apr 27 2018 Peter Robinson <pbrobinson@fedoraproject.org>
- Enable QLogic NICs on ARM
* Wed Apr 25 2018 Jeremy Cline <jeremy@jcline.org>
- Fix a kernel oops when using Thunderbolt 3 docks (rhbz 1565131)
* Tue Apr 24 2018 Jeremy Cline <jeremy@jcline.org> - 4.16.4-300
- Linux v4.16.4
- Fix a regression in backlight interfaces for some laptops (rhbz 1571036)
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1599169 - CVE-2018-13406 kernel: Integer overflow in
drivers/video/fbdev/uvesafb.c:uvesafb_setcmap() allows for potential denial of service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1599169
[ 2 ] Bug #1599162 - CVE-2018-13405 kernel: Missing check in
fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1599162
[ 3 ] Bug #1597748 - CVE-2018-13053 kernel: Integer overflow in the
alarm_timer_nsleep function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1597748
[ 4 ] Bug #1597760 - CVE-2018-12896 kernel: Integer overflow in
kernel/time/posix-timers.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1597760
[ 5 ] Bug #1597767 - CVE-2018-13093 kernel: NULL pointer dereference in
lookup_slow function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1597767
[ 6 ] Bug #1597772 - CVE-2018-13094 kernel: NULL pointer dereference in
xfs_da_shrink_inode function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1597772
[ 7 ] Bug #1597777 - CVE-2018-13095 kernel: NULL pointer dereference in
fs/xfs/libxfs/xfs_inode_buf.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1597777
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-50075276e8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6X5PPWUVNXGXV3RTYSRURUHRNSOVD62T/
Pro-Linux
Unterstützer werden
Neue Nachrichten
Werbung