[SECURITY] Fedora Core 6 Update: kernel-2.6.20-1.2944.fc6

Chuck Ebbert cebbert at redhat.com
Fri Apr 13 19:55:49 UTC 2007 

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-432
2007-04-13
---------------------------------------------------------------------

Product     : Fedora Core 6
Name        : kernel
Version     : 2.6.20
Release     : 1.2944.fc6
Summary     : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

---------------------------------------------------------------------
Update Information:

Updated to upstream linux kernel 2.6.20.6:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.5
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.6

CVE-2007-1357:
The atalk_sum_skb function in AppleTalk for Linux kernel
2.6.x before 2.6.21, and possibly 2.4.x, allows remote
attackers to cause a denial of service (crash) via an
AppleTalk frame that is shorter than the specified length,
which triggers a BUG_ON call when an attempt is made to
perform a checksum.

CVSS Severity: 3.3 (Low) 


Plus additional fixes:
Bugfix for ATI SB600 SATA
Routing bugfix
Libata LBA48 bugfix
Update libata NCQ blacklist
Libata request sense bugfix
SCSI error handler fix

---------------------------------------------------------------------
* Tue Apr 10 2007 Chuck Ebbert <cebbert at redhat.com>		1.2944
- 2.6.20.5
- 2.6.20.6
- GFS2 update (1414)
- additional bugfixes (1820-1828)
* Wed Apr  4 2007 Markus Armbruster <armbru at redhat.com>
- Xen kernel profiling fix is broken, back it out.
* Tue Apr  3 2007 Chuck Ebbert <cebbert at redhat.com>		1.2942
- 2.6.20.5-rc1 plus two fixes for broken -rc1 patches.
- Remove patches that are now in 20.5-rc1.
- 2106: move firmware timeout patch to here.
- 2107: Disable PCI MSI and MMCONFIG by default,
  add options to enable them.
* Mon Apr  2 2007 Markus Armbruster <armbru at redhat.com>
- Xen kernel:
  >4G guest fix (Steven Rostedt )
  fix nosegneg detection (Rik van Riel )
  Use swiotlb mask for coherent mappings too (Herbert Xu )
  Fix potential grant entry leaks on error (Herbert Xu )
  Fix agp on x86_64 under Xen (Stephen C. Tweedie )
  netback: Reenable TX queueing and drop pkts after timeout (Herbert Xu )
  make ballooning work right (Rik van Riel )
  Fix xen swiotlb for b44 module (Stephen C. Tweedie )
  Copy shared data before verification (Herbert Xu )
  Properly close block frontend on non-existant file (Glauber de Oliveira Costa )
  blkback: Fix potential grant entry leaks on error (Rik van Riel )
  blkback: Copy shared data before verification (Rik van Riel)
  netback: Fix wrap to zero in transmit credit scheduler. (Herbert Xu )
  fix 2TB overflow in virtual disk driver (Rik van Riel )
  blkback: Fix first_sect check. (Rik van Riel )
  make netfront device permanent (Glauber de Oliveira Costa )
  fix iSCSI root oops on x86_64 xen domU (Rik van Riel )
  Avoid touching the watchdog when gone for too long (Glauber de Oliveira Costa )
  fix profiling (Rik van Riel )
  privcmd: Range-check hypercall index. (Herbert Xu )
  Fix spinlock bad magic when removing xennet device (Chris Lalancette )
- Add PACKET_AUXDATA cmsg (Herbert Xu )
* Fri Mar 30 2007 Jarod Wilson <jwilson at redhat.com>
- Overhaul ordering of build/don't build flag setting,
  such that nothing set at the top gets overridden
  later in the spec
- Add support for --with/--without build flags as an
  alternative way to disable/enable specific builds
- Add %buildid define to make it easier/more obvious
  how to tag a one-off build
* Thu Mar 29 2007 Chuck Ebbert <cebbert at redhat.com>
- 1413: GFS2 update
- enable kernel options:
    CONFIG_NF_CONNTRACK_PROC_COMPAT (#234174)
    CONFIG_SECURITY_NETWORK_XFRM (requested for LSPP)
- added patches
    1819 - 1823: 2.6.20.5 DVB patches from maintainer
    1824       : bt8xx autoload
    1825       : i2o block driver (#228946)
    1826       : classifier null deref
    1827       : ide error recovery
    1828       : mmap don't spam logs
    1829       : net scheduler locking
    1830       : NFS allow 64bit cookies
    1831       : softmac (#234320)
    1832       : bluetooth quirk (#230534)
    1833       : firmware timeout
    1834       : udf patches from -mm
    1835       : i82875p edac pci unhide
* Mon Mar 26 2007 Chuck Ebbert <cebbert at redhat.com>
- 2.6.20.4, which adds:
    fix for audit deadlock (#232845)
    fix for SCSI tape wrong block size (#224120)
- added test patches 1800 thru 1818
    1800, 1801: CIFS (#221081)
    1802, 1803: DVB cx88 (#233416)
    1804      : ide drive speed (#232147, #216374)
    1806, 1807: sata_mv (#232811)
    1808      : sky2 timeouts (#227420)
    1809, 1810: ich7 (#216374)
    1811, 1818: jmicron sata (#224680, #230838)
    1812      : libata clear tf (#232991)
    1815      : msix interrupts (#225399)
    1817      : sata_nv NCQ (#232895)
* Wed Mar 21 2007 Markus Armbruster <armbru at redhat.com>
- Xen hypervisor:
  Enable Xen booting on machines with > 64G (Chris Lalancette )
  fix TLB flushing in shadow pagetable mode (Rik van Riel )
  quick fix for Cannot allocate memory (Steven Rostedt )
  Register PIT handlers to the correct domain (Herbert Xu )
  Replace inappropriate domain_crash_synchronous use (Herbert Xu )
  Make HVM hypercall table NR_hypercalls entries big. (Herbert Xu )
  >4G guest fix (Steven Rostedt )
  emulate PIT channels for vbios support (Stephen C. Tweedie )
  Race condition concerning VLAPIC interrupts (Bhavana Nagendra )
  emulation for accesses faulting on a page boundary (Stephen C. Tweedie )
  make ballooning work right (xen part) (Rik van Riel )
  HVM crashes on IA32e SMP (Glauber de Oliveira Costa )
  Fix for SMP Xen guest slow boot issue on AMD systems (Bhavana Nagendra )
  Fix xen swiotlb for b44 module (xen part) (Stephen C. Tweedie )
  upstream patches to make Windows Vista work (Steven Rostedt)
  AMD-V HVM fix for Windows hibernate (Bhavana Nagendra )
  fix vcpu hotplug statistics (Rik van Riel )
  xen pae >4GB patch (Don Zickus)
  AMD-V HVM windows guest boot menu timer issue (Steven Rostedt)

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

cd81e110081d6e190ce715d1e2c57e92504a6c99  SRPMS/kernel-2.6.20-1.2944.fc6.src.rpm
cd81e110081d6e190ce715d1e2c57e92504a6c99  noarch/kernel-2.6.20-1.2944.fc6.src.rpm
28667cb82ba296784747da16d033cf184c5992b9  ppc/kernel-smp-2.6.20-1.2944.fc6.ppc.rpm
8aac83f721f6a7cdd38c13edf3a5b241a43c5eab  ppc/kernel-devel-2.6.20-1.2944.fc6.ppc.rpm
bfdb749208ea31f9c7ef803e9c6ba574fc979b88  ppc/kernel-headers-2.6.20-1.2944.fc6.ppc.rpm
4278e56e01040ab3c048b72daa453dced08c453c  ppc/kernel-2.6.20-1.2944.fc6.ppc.rpm
4e0cb256f9175e7bc6bb3d7076b028eb775f817d  ppc/debug/kernel-smp-debuginfo-2.6.20-1.2944.fc6.ppc.rpm
5b3aad8a3ec91e6872ac95f41779f849f28e0ec1  ppc/debug/kernel-debuginfo-common-2.6.20-1.2944.fc6.ppc.rpm
a48d360a041a93d7ce55d8d273ff990855d6e242  ppc/kernel-smp-devel-2.6.20-1.2944.fc6.ppc.rpm
06327dd2c40a27daeb35b1ac2f9ee25e9e95853c  ppc/debug/kernel-debuginfo-2.6.20-1.2944.fc6.ppc.rpm
b20448402504096a5326a8200d5582ef2bd17921  ppc/kernel-doc-2.6.20-1.2944.fc6.noarch.rpm
cf1cf04b56b565c3962b652f6e36eb348b462d24  x86_64/kernel-xen-2.6.20-1.2944.fc6.x86_64.rpm
91496dab7b7289ba8d7628190fddf055715c7473  x86_64/debug/kernel-debuginfo-common-2.6.20-1.2944.fc6.x86_64.rpm
2d11a0cd8981926d6618b6c1c78d2a84e501bce0  x86_64/kernel-kdump-2.6.20-1.2944.fc6.x86_64.rpm
99d2955ca3dd70c53e2dbdb059fee7b559703c14  x86_64/kernel-2.6.20-1.2944.fc6.x86_64.rpm
6a8ad0a723f6b5abddb06244a75e5184b777144a  x86_64/debug/kernel-debuginfo-2.6.20-1.2944.fc6.x86_64.rpm
87173f32aa13c23af11de3963910d2136ef2e26d  x86_64/debug/kernel-xen-debuginfo-2.6.20-1.2944.fc6.x86_64.rpm
126e7f63d8e2c19a9784e05964aa9482b56e0e81  x86_64/kernel-xen-devel-2.6.20-1.2944.fc6.x86_64.rpm
415eab5273d03393fbc5be144c17ed74ebebaad6  x86_64/debug/kernel-debug-debuginfo-2.6.20-1.2944.fc6.x86_64.rpm
56500e8a8af230787842cd2cc7101635599a83e6  x86_64/kernel-debug-2.6.20-1.2944.fc6.x86_64.rpm
0f1c5a9cbde3bac90b0f291e266863e9f7856c3f  x86_64/kernel-devel-2.6.20-1.2944.fc6.x86_64.rpm
09676283d7d2ae1502faf6f3f82674aea46e6945  x86_64/kernel-kdump-devel-2.6.20-1.2944.fc6.x86_64.rpm
b29db45a12fe55cc403193a7e73ac568a729052f  x86_64/kernel-debug-devel-2.6.20-1.2944.fc6.x86_64.rpm
d3b1bca2438859c88af4b3e2671e1c39f2cd50e1  x86_64/debug/kernel-kdump-debuginfo-2.6.20-1.2944.fc6.x86_64.rpm
8014f018cbd98f71186a3bad05d070d74bf1d34d  x86_64/kernel-headers-2.6.20-1.2944.fc6.x86_64.rpm
b20448402504096a5326a8200d5582ef2bd17921  x86_64/kernel-doc-2.6.20-1.2944.fc6.noarch.rpm
9a032125a134931873c76430ef92eca73e491913  i386/kernel-headers-2.6.20-1.2944.fc6.i386.rpm
c16f2bd01e7987e3c22991bcbad61ae66da9756d  i386/debug/kernel-debuginfo-common-2.6.20-1.2944.fc6.i586.rpm
75bc941696be8dbb11f7cd5872ef11811afc8237  i386/kernel-devel-2.6.20-1.2944.fc6.i586.rpm
35140fe3df7272f13344c7c0c4731536dcf890f9  i386/kernel-2.6.20-1.2944.fc6.i586.rpm
de678f30b3c60fea233e7e6653efdacab552cbf5  i386/debug/kernel-debuginfo-2.6.20-1.2944.fc6.i586.rpm
1acf346b282abea601ecdf3a4473f29a23547d65  i386/debug/kernel-PAE-debug-debuginfo-2.6.20-1.2944.fc6.i686.rpm
5ee11fb01c2a80f962fd7528db8b2328fd3f4f06  i386/debug/kernel-debuginfo-2.6.20-1.2944.fc6.i686.rpm
837c7c60db082ccd9ce801d23acbc61c310720d5  i386/kernel-debug-2.6.20-1.2944.fc6.i686.rpm
993a3a7f784bdaa023fe5cbad9ad76b441e457f2  i386/debug/kernel-PAE-debuginfo-2.6.20-1.2944.fc6.i686.rpm
3b41a2e5fd906b11c31a27d8d340a906edbb493c  i386/kernel-xen-2.6.20-1.2944.fc6.i686.rpm
7e6fa068f0b2905836dc9eddaa5ef5794e94c5ec  i386/kernel-xen-devel-2.6.20-1.2944.fc6.i686.rpm
81006a36a0c5123e5acdddf62531ca0c6949bae8  i386/kernel-PAE-devel-2.6.20-1.2944.fc6.i686.rpm
ba2758b29edaeea6c6f554098d11972bff559534  i386/kernel-PAE-debug-2.6.20-1.2944.fc6.i686.rpm
53a185ad75df2b89038745c9b23055230c4e81be  i386/kernel-PAE-debug-devel-2.6.20-1.2944.fc6.i686.rpm
193cac43e6f6526554c5c022347ddffb914342be  i386/kernel-kdump-devel-2.6.20-1.2944.fc6.i686.rpm
0c57eb20cfb66801c02ea1b67f3424ca9c47a8a1  i386/debug/kernel-debug-debuginfo-2.6.20-1.2944.fc6.i686.rpm
b9a0bb35ff1e5593116d9ae81332baad3abb2449  i386/kernel-2.6.20-1.2944.fc6.i686.rpm
99174ac6fdae69f3ea82faf8150f28faa783a789  i386/kernel-kdump-2.6.20-1.2944.fc6.i686.rpm
33e2c2dba89464df8422b8dce3164a13e825e9ff  i386/kernel-debug-devel-2.6.20-1.2944.fc6.i686.rpm
70e761f781d9cdf6fe33512cd5b3b234492fe2af  i386/debug/kernel-xen-debuginfo-2.6.20-1.2944.fc6.i686.rpm
9d3191893ccb78fa179699a55471a1390ce0b8a5  i386/kernel-PAE-2.6.20-1.2944.fc6.i686.rpm
b002c4f36580306ff620fb74f2ddfc3171c3b46b  i386/debug/kernel-kdump-debuginfo-2.6.20-1.2944.fc6.i686.rpm
c359268bb1a03f6c884358a4f945a5dd2e1916ff  i386/kernel-devel-2.6.20-1.2944.fc6.i686.rpm
ff47a85ba991b9988ecda8e8720ae8441c968c4e  i386/debug/kernel-debuginfo-common-2.6.20-1.2944.fc6.i686.rpm
b20448402504096a5326a8200d5582ef2bd17921  i386/kernel-doc-2.6.20-1.2944.fc6.noarch.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

More information about the Fedora-package-announce mailing list