[SECURITY] Fedora 9 Update: kernel-2.6.25.6-55.fc9
updates at fedoraproject.org
updates at fedoraproject.org
Fri Jun 13 02:27:41 UTC 2008
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-5308
2008-06-12 23:43:08
--------------------------------------------------------------------------------
Name : kernel
Product : Fedora 9
Version : 2.6.25.6
Release : 55.fc9
URL : http://www.kernel.org/
Summary : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.
--------------------------------------------------------------------------------
Update Information:
Update to kernel 2.6.25.6:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.6 CVE-2008-1673:
The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6
before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the
gxsnmp package; does not properly validate length values during decoding of
ASN.1 BER data, which allows remote attackers to cause a denial of service
(crash) or execute arbitrary code via (1) a length greater than the working
buffer, which can lead to an unspecified overflow; (2) an oid length of zero,
which can lead to an off-by-one error; or (3) an indefinite length for a
primitive encoding. Bugs fixed: 447518 - Call to capget() overflows buffers
448056 - applesmc filling log file 450191 - DMA mode disabled for DVD drive,
reverts to PIO4 439197 - thinkpad x61t crash when undocking 445761 -
MacBook4,1 keyboard and trackpad do not work properly 447812 - Netlink messages
from "tc" to sch_netem module are not interpreted correctly 449817 - SD card
reader causes kernel panic during startup if card inserted 242208 - Freeze On
Boot w/ Audigy PCMCIA 443552 - Kernel 2.6.25 + Wine = hang Additional bugs
fixed: F8#224005 - pata_pcmcia fails F8#450499 - kernel-2.6.25.4-10.fc8 breaks
setkey -m tunnel options in ipsec F8#445553 - DMAR (intel_iommu) broken on yet
another machine Additional updates/fixes: - Upstream wireless updates from
2008-05-22 (http://marc.info/?l=linux-wireless&m=121146112404515&w=2) -
Upstream wireless fixes from 2008-05-28 (http://marc.info/?l=linux-
wireless&m=121201250110162&w=2) - Fix oops in lirc_i2c module - Add lirc
support for additional MCE receivers - Upstream wireless fixes from 2008-06-03
(http://marc.info/?l=linux-wireless&m=121252137324941&w=2) - Add kernel 3D
support for ATI Radeon R500 (X1300-X1950)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 10 2008 Roland McGrath <roland at redhat.com> - 2.6.25.6-54
- Fix spurious BUG_ON in tracehook_release_task. (#443552)
* Mon Jun 9 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.6-53
- Fix oops in wbsd MMC driver when card is present during boot (#449817)
* Mon Jun 9 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.6-52
- Fix init if af_key sockets (F8#450499)
* Mon Jun 9 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.6-51
- Sync ACPI patches with F-8 kernel.
* Mon Jun 9 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.6-50
- Linux 2.6.25.6
- Dropped patches:
linux-2.6-x86-fix-asm-constraint-in-do_IRQ.patch
linux-2.6-x86-pci-revert-remove-default-rom-allocation.patch
linux-2.6-x86-dont-read-maxlvt-if-apic-unmapped.patch
linux-2.6-x86-fix-setup-of-cyc2ns-in-tsc_64.patch
linux-2.6-x86-prevent-pge-flush-from-interruption.patch
linux-2.6-cifs-fix-unc-path-prefix.patch
linux-2.6-ext34-xattr-fix.patch
linux-2.6-xfs-small-buffer-reads.patch
linux-2.6-net-iptables-add-xt_iprange-aliases.patch
linux-2.6-caps-remain-source-compatible-with-32-bit.patch
linux-2.6-libata-force-hardreset-in-sleep-mode.patch
- Updated patches:
linux-2.6-input-fix_fn_key_on_macbookpro_4_1_and_mb_air.patch
* Fri Jun 6 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.5-49
- Fix the specfile to match the kernel version.
* Fri Jun 6 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.5-48
- Linux 2.6.25.5
* Fri Jun 6 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-47
- Make 64-bit capabilities backwards-compatible with old user programs (#447518)
* Fri Jun 6 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-46
- Fix Audigy2 ZS audio adapter hang (#242208)
* Thu Jun 5 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-45
- Kill spurious applesmc debug messages (#448056)
* Thu Jun 5 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-44
- Make DMA work again on atiixp PATA devices (#450191)
* Thu Jun 5 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-43
- Fix docking when docking station has a bay device (bug reported on IRC.)
* Tue Jun 3 2008 John W. Linville <linville at redhat.com> 2.6.25.4-42
- Upstream wireless fixes from 2008-06-03
(http://marc.info/?l=linux-wireless&m=121252137324941&w=2)
* Mon Jun 2 2008 Jarod Wilson <jwilson at redhat.com> 2.6.25.4-41
- Fix oops in lirc_i2c module
- Add lirc support for latest MCE receivers
* Thu May 29 2008 John W. Linville <linville at redhat.com> 2.6.25.4-39
- Upstream wireless fixes from 2008-05-28
(http://marc.info/?l=linux-wireless&m=121201250110162&w=2)
* Wed May 28 2008 Dave Airlie <airlied at redhat.com> 2.6.25.4-38
- drm-radeon-update.patch - Add R500 support along with updated radeon driver
* Wed May 28 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-37
- Fix parsing of netlink messages (#447812)
* Tue May 27 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-36
- Fix two hard-to-reproduce x86 bugs:
x86: fix sched_clock when calibrated against PIT
x86: don't allow flush_tlb_all to be interrupted
* Tue May 27 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-35
- input: fix function keys on macbook pro 4,1 and air (#445761)
* Tue May 27 2008 John W. Linville <linville at redhat.com> 2.6.25.4-34
- Upstream wireless updates from 2008-05-22
(http://marc.info/?l=linux-wireless&m=121146112404515&w=2)
* Tue May 27 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-33
- libata: fix hangs on undock (#439197)
- libata: fix problems with some old/broken CF hardware (F8 #224005)
* Thu May 22 2008 Dave Jones <davej at redhat.com> 2.6.25.4-32
- Disable CONFIG_DMAR. This is terminally broken in the presence of a broken BIOS
* Wed May 21 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-31
- Clean up specfile a bit.
* Wed May 21 2008 John W. Linville <linville at redhat.com> 2.6.25.4-30
- libertas: Fix ethtool statistics
- mac80211: fix NULL pointer dereference in ieee80211_compatible_rates
- mac80211: don't claim iwspy support
- rtl8187: resource leak in error case
- hostap_cs: add ID for Conceptronic CON11CPro
- orinoco_cs: add ID for SpeedStream wireless adapters
* Tue May 20 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-29
- virtio_net: free transmit skbs in a timer (#444765)
* Tue May 20 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-28
- Disable the group scheduler (CONFIG_GROUP_SCHED) (#446192)
- x86: don't read the APIC if it's not mapped (#447183)
* Tue May 20 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-27
- x86: don't map VDSO into userspace when it's disabled (#229304)
- x86: fix ASM constraint in do_IRQ()
- x86: map PCI ROM by default again (F8 #440644)
* Mon May 19 2008 John W. Linville <linville at redhat.com> 2.6.25.4-26
- Re-sync wireless bits w/ current upstream
* Mon May 19 2008 Dave Jones <davej at redhat.com> 2.6.25.4-24
- Disable PATA_ISAPNP (it's busted).
* Fri May 16 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-23
- ALSA: add support for AD1883/1884A/1984A/1984B codecs and Thinkpad X300 (#445954)
* Fri May 16 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-22
- iptables: make firewall scripts using iprange work again (#446827)
- Enable the snd-serial-u16550 audio driver (#446783)
* Fri May 16 2008 Eric Sandeen <esandeen at redhat.com> 2.6.25.4-21
- xfs: Fix memory corruption with small buffer reads (kernel.org #10421)
* Thu May 15 2008 Eric Sandeen <esandeen at redhat.com> 2.6.25.4-20
- ext3/4: fix uninitialized bs in ext3/4_xattr_set_handle()
* Thu May 15 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.4-19
- Linux 2.6.25.4
Dropped patches:
- linux-2.6.25-sparc64-semctl.patch
- linux-2.6-libata-ata_piix-check-sidpr.patch
* Mon May 12 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.3-18
- CIFS: fix UNC path prefix to have the correct slash (#443681)
* Mon May 12 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.3-17
- Linux 2.6.25.3
Drop patches merged in 2.6.25.3:
linux-2.6.25-sparc64-mmap_check_fix.patch
linux-2.6-md-fix-oops-in-rdev_attr_store.patch
* Wed May 7 2008 Tom "spot" Callaway <tcallawa at redhat.com> 2.6.25.2-16
- Fix sparc64 kernel crash in mmap_check (Dave Miller)
* Wed May 7 2008 Kyle McMartin <kmcmartin at redhat.com> 2.6.25.2-15
- Linux 2.6.25.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #447518 - Call to capget() overflows buffers
https://bugzilla.redhat.com/show_bug.cgi?id=447518
[ 2 ] Bug #449817 - SD card reader causes kernel panic during startup if card inserted
https://bugzilla.redhat.com/show_bug.cgi?id=449817
[ 3 ] Bug #443552 - Kernel 2.6.25 + Wine = hang
https://bugzilla.redhat.com/show_bug.cgi?id=443552
[ 4 ] Bug #242208 - Freeze On Boot w/ Audigy PCMCIA
https://bugzilla.redhat.com/show_bug.cgi?id=242208
[ 5 ] Bug #450191 - DMA mode disabled for DVD drive, reverts to PIO4
https://bugzilla.redhat.com/show_bug.cgi?id=450191
[ 6 ] Bug #448056 - applesmc filling log file
https://bugzilla.redhat.com/show_bug.cgi?id=448056
[ 7 ] Bug #445761 - MacBook4,1 keyboard and trackpad do not work properly
https://bugzilla.redhat.com/show_bug.cgi?id=445761
[ 8 ] Bug #447812 - Netlink messages from "tc" to sch_netem module are not interpreted correctly
https://bugzilla.redhat.com/show_bug.cgi?id=447812
[ 9 ] Bug #439197 - thinkpad x61t crash when undocking
https://bugzilla.redhat.com/show_bug.cgi?id=439197
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the Fedora-package-announce
mailing list