[SECURITY] Fedora 7 Update: kernel-2.6.23.15-80.fc7

updates at fedoraproject.org updates at fedoraproject.org
Mon Feb 11 22:38:35 UTC 2008


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-1422
2008-02-11 20:30:00
--------------------------------------------------------------------------------

Name        : kernel
Product     : Fedora 7
Version     : 2.6.23.15
Release     : 80.fc7
URL         : []
Summary     : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

--------------------------------------------------------------------------------
Update Information:

Update to Linux kernel 2.6.23.15:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.15    Fix vmsplice
local root vulnerability:  CVE-2008-0009: Fixed by update to 2.6.23.15.
CVE-2008-0010: Fixed by update to 2.6.23.15.  CVE-2008-0600: Extra fix from
upstream applied.    Fix memory leak in netlabel code (#352281)  Autoload the
Dell dcdbas driver like in F8 (#326041)  Work around broken Seagate LBA48 disks.
(F8#429364)  Fix futex oops on uniprocessor machine. (F8#429412)  Add support
for new Macbook touchpads. (F8#426574)  Fix the initio driver broken in 2.6.23.
(F8#390531)  Fix segfaults from using vdso=2. (F8#427641)  FireWire updates,
fixing multiple problems.  ACPI: fix multiple problems with brightness controls
(F8#427518)  Wireless driver updates from upstream.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Feb 10 2008 Dave Airlie <airlied at redhat.com> 2.6.23.15-80
- CVE-2008-0600 - remote root vulnerability in vmsplice
* Fri Feb  8 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.15-79
- Linux 2.6.23.15
* Wed Feb  6 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-78
- Bump version.
* Wed Feb  6 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-77
- Use the upstream fix for futex locking.
- Fix oops in netfilter (#259501)
* Tue Feb  5 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-76
- ACPI: sync EC patches with F8
* Tue Feb  5 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-75
- ACPI: fix multiple problems with brightness controls (F8#427518)
* Tue Feb  5 2008 Jarod Wilson <jwilson at redhat.com> 2.6.23.14-74
- FireWire updates from linux1394-git tree, should resolve a
  bunch of FireWire disk issues for people
* Wed Jan 30 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-73
- Fix segfaults from using vdso=2 (F8#427641)
* Fri Jan 25 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-72
- Fix the initio driver broken in 2.6.23. (F8#390531)
* Fri Jan 25 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-71
- Drop obsolete ptrace patch.
* Fri Jan 25 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-70
- Add support for new Macbook touchpads (F8#426574)
* Wed Jan 23 2008 John W. Linville <linville at redhat.com> 2.6.23.14-69
- Latest wireless updates from upstream
- Remove obsolete ath5k and rtl8180 patches
- Add rndis_wext driver
* Tue Jan 22 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-68
- Fix futex oops on uniprocessor machine. (F8#429412)
* Tue Jan 22 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-67
- Work around broken Seagate LBA48 disks (F8#429364)
* Tue Jan 22 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-66
- Fix memory leak in netlabel code (#352281)
* Tue Jan 22 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-65
- Autoload the Dell dcdbas driver like in F8 (#326041)
* Sat Jan 19 2008 Kyle McMartin <kmcmartin at redhat.com> 2.6.23.14-64
- Revert CONFIG_PHYSICAL_START on x86_64.
* Fri Jan 18 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-63
- Fix loss of mouse sync on some systems (F8#427697)
- Revert "libata: allow short SCSI commands for ATAPI devices" (#429353)
* Thu Jan 17 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.14-62
- Set x86 CONFIG_PHYSICAL_START=0x400000 (#309751)
* Thu Jan 17 2008 John W. Linville <linville at redhat.com> 2.6.23.14-61
- More wireless fixes headed for 2.6.24
- More wireless updates headed for 2.6.25
* Mon Jan 14 2008 Kyle McMartin <kmcmartin at redhat.com> 2.6.23.14.60
- Linux 2.6.23.14
* Thu Jan 10 2008 John W. Linville <linville at redhat.com> 2.6.23.13-59
- rt2500usb thinko fix
- b43 N phy pre-support updates
- ath5k cleanups and beacon fixes
* Wed Jan  9 2008 John W. Linville <linville at redhat.com> 2.6.23.13-58
- More wireless fixes for 2.6.24
- More wireless update for 2.6.25
- Enable CONFIG_NL80211
* Wed Jan  9 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.13-57
- Linux 2.6.23.13
* Tue Jan  8 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.23.12-56
- Restore /proc/slabinfo
* Fri Jan  4 2008 John W. Linville <linville at redhat.com> 2.6.23.12-55
- Another round of wireless fixes headed for 2.6.24
- Another round of wireless updates headed for 2.6.25

>>>>>>> 1.3424
* Fri Dec 21 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.12-54
- USB: Use upstream version of the Huawei USB modem fix.
* Wed Dec 19 2007 John W. Linville <linville at redhat.com> 2.6.23.12-53
- Some wireless fixes headed for 2.6.24
- Some wireless updates headed for 2.6.25
* Tue Dec 18 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.12-52
- Linux 2.6.23.12
- Add fixed version of APM emulation patch removed in 2.6.23.10
* Fri Dec 14 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.10-51
- Add compile fixes.
* Fri Dec 14 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.10-50
- Linux 2.6.23.10
* Fri Dec 14 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.9-48
- Update utrace to latest.
* Tue Dec 11 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.9-47
- libata: fix AHCI controller reset
- libata: fix ATAPI tape drives (#243568)
- libata: allow short SCSI commands for ATAPI devices
* Wed Dec  5 2007 John W. Linville <linville at redhat.com> 2.6.23.9-45
- Update wireless bits from current upstream (resync w/ F-8)
- Drop patch to use "old format" firwmare for b43 (unmaintainable)
* Mon Dec  3 2007 Jarod Wilson <jwilson at redhat.com> 2.6.23.9-44
- Improved FireWire OHCI 1.0 Isochronous Receive support (#344851)
* Fri Nov 30 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.9-43
- ALSA: fix missing controls on some drivers
- ACPI: send initial button state on startup
* Fri Nov 30 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.9-42
- Disable e1000 link power management
* Wed Nov 28 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.9-41
- Fix further bugs in init of Huawei USB modem
- Fix libata handling of IO ready test
* Tue Nov 27 2007 Kyle McMartin <kmcmartin at redhat.com> 2.6.23.9-40
- Some USB disks spin themselves down automatically and need
  scsi_device.allow_restart enabled so they'll spin back up.
* Tue Nov 27 2007 John W. Linville <linville at redhat.com> 2.6.23.9-39
- Fix NULL ptr reference in iwlwifi (CVE-2007-5938)
* Tue Nov 27 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.9-37
- Fix SPDIF audio on AD1988 codec (#253777)
* Mon Nov 26 2007 Kyle McMartin <kmcmartin at redhat.com> 2.6.23.9-36
- Linux 2.6.23.9
* Mon Nov 26 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.8-35
- Set CONFIG_USB_DEVICE_CLASS (#362221)
* Thu Nov 22 2007 Kyle McMartin <kmcmartin at redhat.com> 2.6.23.8-33
- Linux 2.6.23.9-rc1
* Wed Nov 21 2007 Kyle McMartin <kmcmartin at redhat.com> 2.6.23.8-32
- Update linux-2.6-wireless.patch to match F-8.
- Fix oops in netfilter NAT module (#259501)
- libata: fix resume on some systems
- libata: fix pata_serverworks with some drive combinations
* Tue Nov 20 2007 Kyle McMartin <kmcmartin at redhat.com> 2.6.23.8-31
- Linux 2.6.23.8
* Thu Nov 15 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-30
- Build in the Crypto crc32c algorithm for iSCSI.
* Wed Nov 14 2007 Jarod Wilson <jwilson at redhat.com> 2.6.23.1-29
- Initial FireWire OHCI 1.0 Isochronous Receive support (#344851)
* Mon Nov 12 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-27
- Disable USB autosuspend by default.
- Fix oops in CIFS when mounting a filesystem a second time.
- Restore platform module autoloading, e.g. pcspkr.
- Fix failure to boot on 486DX4 (and possibily other CPUs.)
* Fri Nov  9 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-26
- Fix the earlier misapplied raid5 patch.
- Fix race in NFS that can cause data corruption.
* Fri Nov  9 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-25
- libata sata_sis:
   fix SCSI transfer lengths and SCR read function.
* Fri Nov  9 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-24
- Fix oopses in the networking code (l2tp, teql).
* Fri Nov  9 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-23
- Update utrace, fixing some powerpc bugs.
- Disable precise scheduler CPU accounting (#340161).
* Tue Nov  6 2007 Dave Airlie <airlied at linux.ie> 2.6.23.1-22
- copy drm fixes from Fedora 8 (bug 228414) + i915 allocation
* Wed Oct 31 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-20
- Copy iwl wireless updates from Fedora 8 (#349981).
- Fix read after direct IO write returning stale data.
- Fix hang in ptrace trying to access beyond end of VMA.
- Add Powerbook HID input driver to x86_64 build (#358721).
* Tue Oct 30 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-18
- Use upstream fixes for monotonic stime/utime.
- Another ACPI suspend/resume fix.
- Disable PCI mmconfig by default (like Fedora 8.)
* Tue Oct 30 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-17
- CIFS: fix reconnect when incomplete packet is received
* Mon Oct 29 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-15
- Fix oops for some x86_64 systems with AGP (#249174, #336281)
- Properly synchronize IRQs
- CIFS: fix file corruption when server returns EAGAIN (F8 #357001)
- serial: support new Wacom pads (F8 #352811)
- md/raid5: fix data corruption race
- i386: TSC calibration fixes
- x86_64: fix races in TLB flushing code
* Mon Oct 29 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-14
- Enable hamradio drivers.
* Wed Oct 24 2007 Roland McGrath <roland at redhat.com> 2.6.23.1-13
- Install System.map in kernel-devel packages.
* Tue Oct 23 2007 John W. Linville <linville at redhat.com> 2.6.23.1-12
- remove problematic hunk from ath5k fixes patch
* Mon Oct 22 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-11
- Don't create /sys/module/nousb/ (bz #242715)
* Fri Oct 19 2007 John W. Linville <linville at redhat.com> 2.6.23.1-10
- iwl4965-base.c: fix off-by-one errors
- ipw2100: send WEXT scan events
- rt2x00: Add new rt73usb USB ID
- zd1211rw, fix oops when ejecting install media
- rt2x00: Fix residual check in PLCP calculations.
- rtl8187: Fix more frag bit checking, rts duration calc
- iwlwifi: set correct base rate for A band in rs_dbgfs_set_mcs
- iwlwifi: Fix rate setting in probe request for HW scan
* Thu Oct 18 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-9
- Add missing ACPI patch.
- Switch to upstream libata DMA disable code
  (libata.pata_dma parameter is now libata.dma)
- Remove some new/experimental items from config.
* Thu Oct 18 2007 John W. Linville <linville at redhat.com> 2.6.23.1-7
- avoid null ptr dereference in rx path of zd1201 driver
* Wed Oct 17 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-6
- latest ath5k from Fedora 8
- fix another suspend/resume bug
* Wed Oct 17 2007 John W. Linville <linville at redhat.com> 2.6.23.1-5
- iee80211: fix an endian bug
- mac80211: change BSSID list key to (BSSID, SSID, frequency) tuple
- mac80211: make honor IW_SCAN_THIS_ESSID
- mac80211: don't fail IE parse if junk at end of frame
* Fri Oct 12 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23.1-4
- Linux 2.6.23.1
- Firewire multi-LUN fixes (#242254)
- Fix lockdep problems in Firewire
- Fix CPU time accounting
* Wed Oct 10 2007 Chuck Ebbert <cebbert at redhat.com> 2.6.23-1
- Linux 2.6.23
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #352281 - Kernel memory leak with lots of threads?
        https://bugzilla.redhat.com/show_bug.cgi?id=352281
  [ 2 ] Bug #326041 - Messages appear in /var/log/messages every few seconds; kernel module not loaded
        https://bugzilla.redhat.com/show_bug.cgi?id=326041
  [ 3 ] Bug #432283 - [SECURITY] CVE-2008-0600 local escalation of privilege
        https://bugzilla.redhat.com/show_bug.cgi?id=432283
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the package-announce mailing list