[SECURITY] Fedora 9 Update: kernel-2.6.25.3-18.fc9
updates at fedoraproject.org
updates at fedoraproject.org
Wed May 14 22:15:01 UTC 2008
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-3949
2008-05-14 21:05:12
--------------------------------------------------------------------------------
Name : kernel
Product : Fedora 9
Version : 2.6.25.3
Release : 18.fc9
URL : http://www.kernel.org/
Summary : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.
--------------------------------------------------------------------------------
Update Information:
Update to Linux kernel verion 2.6.25.1, 2.6.25.2, 2.6.25.3:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.1
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.2
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3 Security
fixes: CVE-2008-1669 (2.6.25.2) - SMP ordering hole in fcntl_setlk()
CVE-2008-2136 (2.6.25.3) - SIT exploitable remote memory leak CVE-2008-1375,
CVE-2008-1675 were fixed in 2.6.25-12.fc9 and are available in GA version of
kernel package shipped in Fedora 9. Bugs fixed: CIFS: fix slashes in path
names to have proper format (#443681)
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 12 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.3-18
- CIFS: fix UNC path prefix to have the correct slash (#443681)
* Mon May 12 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.25.3-17
- Linux 2.6.25.3
Drop patches merged in 2.6.25.3:
linux-2.6.25-sparc64-mmap_check_fix.patch
linux-2.6-md-fix-oops-in-rdev_attr_store.patch
* Wed May 7 2008 Tom "spot" Callaway <tcallawa at redhat.com> 2.6.25.2-16
- Fix sparc64 kernel crash in mmap_check (Dave Miller)
* Wed May 7 2008 Kyle McMartin <kmcmartin at redhat.com> 2.6.25.2-15
- Linux 2.6.25.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #443433 - CVE-2008-1669 kernel: add rcu_read_lock() to fcheck() in both dnotify, locks.c and fix fcntl store/load race in locks.c
https://bugzilla.redhat.com/show_bug.cgi?id=443433
[ 2 ] Bug #446031 - CVE-2008-2136 kernel: sit: exploitable remote memory leak
https://bugzilla.redhat.com/show_bug.cgi?id=446031
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the Fedora-package-announce
mailing list