You are here
Home > Preporuke > Sigurnosni nedostaci jezgre operacijskog sustava

Sigurnosni nedostaci jezgre operacijskog sustava

——————————————————————————–
Fedora Update Notification
FEDORA-2019-8846a1a5a2
2019-12-02 01:29:23.163452
——————————————————————————–

Name : kernel
Product : Fedora 30
Version : 5.3.13
Release : 200.fc30
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

——————————————————————————–
Update Information:

The 5.3.13 update contains a number of important fixes across the tree
——————————————————————————–
ChangeLog:

* Mon Nov 25 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.3.13-200
– Fix CVE-2019-14895 (rhbz 1774870 1776139)
– Fix CVE-2019-14896 (rhbz 1774875 1776143)
– Fix CVE-2019-14897 (rhbz 1774879 1776146)
– Fix CVE-2019-14901 (rhbz 1773519 1776184)
– Fix CVE-2019-19078 (rhbz 1776354 1776353)
* Mon Nov 25 2019 Laura Abbott <labbott@redhat.com>
– Linux v5.3.13
* Fri Nov 22 2019 Justin M. Forbes <jforbes@fedoraproject.org>
– Fix CVE-2019-19077 rhbz 1775724 1775725
* Thu Nov 21 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.3.12-200
– Fix CVE-2019-19074 (rhbz 1774933 1774934)
– Fix CVE-2019-19073 (rhbz 1774937 1774939)
– Fix CVE-2019-19072 (rhbz 1774946 1774947)
– Fix CVE-2019-19071 (rhbz 1774949 1774950)
– Fix CVE-2019-19070 (rhbz 1774957 1774958)
– Fix CVE-2019-19068 (rhbz 1774963 1774965)
– Fix CVE-2019-19043 (rhbz 1774972 1774973)
– Fix CVE-2019-19066 (rhbz 1774976 1774978)
– Fix CVE-2019-19046 (rhbz 1774988 1774989)
– Fix CVE-2019-19050 (rhbz 1774998 1775002)
– Fix CVE-2019-19062 (rhbz 1775021 1775023)
– Fix CVE-2019-19064 (rhbz 1775010 1775011)
– Fix CVE-2019-19063 (rhbz 1775015 1775016)
– Fix CVE-2019-19059 (rhbz 1775042 1775043)
– Fix CVE-2019-19058 (rhbz 1775047 1775048)
– Fix CVE-2019-19057 (rhbz 1775050 1775051)
– Fix CVE-2019-19053 (rhbz 1775956 1775110)
– Fix CVE-2019-19056 (rhbz 1775097 1775115)
– Fix CVE-2019-19055 (rhbz 1775074 1775116)
– Fix CVE-2019-19054 (rhbz 1775063 1775117)
* Thu Nov 21 2019 Laura Abbott <labbott@redhat.com>
– Linux v5.3.12
* Tue Nov 12 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.3.11-200
– Linux v5.3.11
– Fixes CVE-2019-11135 (rhbz 1753062 1771649)
– Fixes CVE-2018-12207 (rhbz 1646768 1771645)
– Fixes CVE-2019-0154 (rhbz 1724393 1771642)
– Fixes CVE-2019-0155 (rhbz 1724398 1771644)
* Mon Nov 11 2019 Laura Abbott <labbott@redhat.com> – 5.3.10-200
– Linux v5.3.10
* Thu Nov 7 2019 Jeremy Cline <jcline@redhat.com>
– Add support for a number of Macbook keyboards and touchpads (rhbz 1769465)
* Wed Nov 6 2019 Laura Abbott <labbott@redhat.com> – 5.3.9-200
– Linux v5.3.9
* Tue Oct 29 2019 Laura Abbott <labbott@redhat.com> – 5.3.8-200
– Linux v5.3.8
– Fix CVE-2019-17666 (rhbz 1763692)
* Fri Oct 18 2019 Laura Abbott <labbott@redhat.com> – 5.3.7-200
– Linux v5.3.7
* Mon Oct 14 2019 Laura Abbott <labbott@redhat.com> – 5.3.6-200
– Linux v5.3.6
* Fri Oct 11 2019 Laura Abbott <labbott@redhat.com>
– Fix disappearing cursor issue (rhbz 1738614)
* Fri Oct 11 2019 Peter Robinson <pbrobinson@fedoraproject.org>
– Last iwlwifi fix for the recent firmware issues (rhbz 1733369)
* Tue Oct 8 2019 Laura Abbott <labbott@redhat.com> – 5.3.5-200
– Linux v5.3.5 Rebase
* Wed Oct 2 2019 Justin M. Forbes <jforbes@fedoraproject.org>
– Fix CVE-2019-17052 CVE-2019-17053 CVE-2019-17054 CVE-2019-17055 CVE-2019-17056
(rhbz 1758239 1758240 1758242 1758243 1758245 1758246 1758248 1758249 1758256 1758257)
* Tue Oct 1 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.2.18-200
– Linux v5.2.18
* Mon Sep 23 2019 Peter Robinson <pbrobinson@fedoraproject.org>
– Upstream patch for iwlwifi 8000 series FW issues (rhbz: 1749949)
* Mon Sep 23 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.2.17-200
– Linux v5.2.17
* Thu Sep 19 2019 Laura Abbott <labbott@redhat.com>
– Fix for dwc3 (rhbz 1753099)
* Thu Sep 19 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.2.16-200
– Linux v5.2.16
– Fix CVE-2019-14821 (rhbz 1746708 1753596)
* Mon Sep 16 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.2.15-200
– Linux v5.2.15
– Fixes rhbz 1751901
* Tue Sep 10 2019 Justin M. Forbes <jforbes@redhat.com> – 5.2.14-200
– Linux v5.2.14
* Fri Sep 6 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.2.13-200
– Linux v5.2.13
* Thu Aug 29 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.2.11-200
– Linux v5.2.11
– Fix CVE-2019-15504 (rhbz 1746725 1746726)
– Fix CVE-2019-15505 (rhbz 1746732 1746734)
– Fix CVE-2019-15538 (rhbz 1746777 1746779)
* Wed Aug 28 2019 Justin M. Forbes <jforbes@fedoraproject.org>
– Fix mwifiex CVE-2019-14814 CVE-2019-14815 CVE-2019-14816
– (rhbz 1744130 1744137 1744149 1746566 1746567)
* Mon Aug 26 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.2.10-200
– Linux v5.2.10
* Fri Aug 16 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.2.9-200
– Linux v5.2.9
* Sat Aug 10 2019 Justin M. Forbes <jforbes@redhat.com> – 5.2.8-200
– Linux v5.2.8
* Thu Aug 8 2019 Justin M. Forbes <jforbes@redhat.com> – 5.2.7-200
– Linux v5.2.7
* Tue Aug 6 2019 Laura Abbott <labbott@redhat.com>
– Fix netfilter regression (rhbz 1737171)
* Mon Aug 5 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.2.6-200
– Linux v5.2.6
– Temporary fixes for (rhbz 1737046 1730762)
* Wed Jul 31 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.2.5-200
– Linux v5.2.5
– Fix CVE-2019-10207 (rhbz 1733874 1734242)
* Tue Jul 30 2019 Justin M. Forbes <jforbes@fedoraproject.org>
– Fix for screen freezes with i915
* Mon Jul 29 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.2.4-200
– Linux v5.2.4 Rebase
* Fri Jul 26 2019 Jeremy Cline <jcline@redhat.com> – 5.1.20-300
– Linux v5.1.20
* Mon Jul 22 2019 Laura Abbott <labbott@redhat.com>
– Bring in DMA fix (rhbz 1732045)
* Mon Jul 22 2019 Jeremy Cline <jcline@redhat.com> – 5.1.19-300
– Linux v5.1.19
– Fix Xen Security Advisory 300 (rhbz 1731862 1731864)
– Fix a null pointer dereference in the 8250_lpss serial driver (rhbz 1731784)
* Thu Jul 18 2019 Jeremy Cline <jcline@redhat.com>
– Fix CVE-2019-13631 (rhbz 1731000 1731001)
* Mon Jul 15 2019 Jeremy Cline <jcline@redhat.com> – 5.1.18-300
– Linux v5.1.18
* Wed Jul 10 2019 Jeremy Cline <jcline@redhat.com> – 5.1.17-300
– Linux v5.1.17
* Mon Jul 8 2019 Jeremy Cline <jcline@redhat.com>
– Fix a firmware crash in Intel 7000 and 8000 devices (rhbz 1716334)
* Thu Jul 4 2019 Peter Robinson <pbrobinson@fedoraproject.org>
– Fixes for load avg and display on Raspberry Pi
* Wed Jul 3 2019 Jeremy Cline <jcline@redhat.com> – 5.1.16-300
– Linux v5.1.16
– Fix an issue with deleting singular conntrack entries (rhbz 1724357)
* Tue Jun 25 2019 Jeremy Cline <jcline@redhat.com> – 5.1.15-300
– Linux v5.1.15
– Fixes CVE-2019-12817 (rhbz 1720616 1723697)
* Mon Jun 24 2019 Hans de Goede <hdegoede@redhat.com>
– Extend GPD MicroPC LCD panel quirk to also apply to newer BIOS versions
* Mon Jun 24 2019 Jeremy Cline <jcline@redhat.com> – 5.1.14-300
– Linux v5.1.14
* Wed Jun 19 2019 Jeremy Cline <jcline@redhat.com> – 5.1.12-300
– Linux v5.1.12
* Mon Jun 17 2019 Jeremy Cline <jcline@redhat.com> – 5.1.11-300
– Linux v5.1.11
– Fixes CVE-2019-11477 (rhbz 1719123 1721254)
– Fixes CVE-2019-11479 (rhbz 1719129 1721255)
– Fixes CVE-2019-11478 (rhbz 1719128 1721256)
* Mon Jun 17 2019 Jeremy Cline <jcline@redhat.com> – 5.1.10-300
– Linux v5.1.10
* Fri Jun 14 2019 Hans de Goede <hdegoede@redhat.com>
– Fix the LCD panel an Asus EeePC 1025C not lighting up (rhbz#1697069)
– Fix the LCD panel on the GPD MicroPC not working
* Thu Jun 13 2019 Justin M. Forbes <jforbes@fedoraproject.org>
– Fix CVE-2019-10126 (rhbz 1716992 1720122)
* Tue Jun 11 2019 Jeremy Cline <jcline@redhat.com> – 5.1.9-300
– Linux v5.1.9
– Fix UDP checkshums for SIP packets (rhbz 1716289)
* Sun Jun 9 2019 Jeremy Cline <jcline@redhat.com> – 5.1.8-300
– Linux v5.1.8
* Fri Jun 7 2019 Justin M. Forbes <jforbes@fedoraproject.org>
– Fix CVE-2019-12614 (rhbz 1718176 1718185)
* Thu Jun 6 2019 Jeremy Cline <jcline@redhat.com>
– Fix incorrect permission denied with lock down off (rhbz 1658675)
– Fix an issue with the IPv6 neighbor table (rhbz 1708717)
* Wed Jun 5 2019 Justin M. Forbes <jforbes@fedoraproject.org>
– Fix CVE-2019-12456 (rhbz 1717182 1717183)
* Tue Jun 4 2019 Jeremy Cline <jcline@redhat.com> – 5.1.7-300
– Linux v5.1.7
– Fix CVE-2019-12455 (rhbz 1716990 1717003)
– Fix CVE-2019-12454 (rhbz 1716996 1717003)
* Mon Jun 3 2019 Justin M. Forbes <jforbes@fedoraproject.org>
– Fix CVE-2019-12378 (rhbz 1715459 1715460)
– Fix CVE-2019-3846 (rhbz 1713059 1715475)
– Fix CVE-2019-12380 (rhbz 1715494 1715495)
– Fix CVE-2019-12381 (rhbz 1715501 1715502)
– Fix CVE-2019-12382 (rhbz 1715554 1715556)
– Fix CVE-2019-12379 (rhbz 1715491 1715706)
* Fri May 31 2019 Laura Abbott <labbott@redhat.com> – 5.1.6-300
– Linux v5.1.6
* Sat May 25 2019 Jeremy Cline <jcline@redhat.com> – 5.1.5-300
– Linux v5.1.5
* Fri May 24 2019 Jeremy Cline <jcline@redhat.com> – 5.1.4-301
– Fix fstrim discarding too many blocks
* Wed May 22 2019 Jeremy Cline <jcline@redhat.com> – 5.1.4-300
– Linux v5.1.4
– Fix an issue with Bluetooth 2.0 and earlier devices (rhbz 1711468)
* Mon May 20 2019 Laura Abbott <labbott@redhat.com> – 5.0.17-300
– Linux v5.0.17
* Tue May 14 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.0.16-300
– Linux v5.0.16
– Fixes CVE-2018-12126 (rhbz 1646781 1709976)
– Fixes CVE-2018-12127 (rhbz 1667782 1709978)
– Fixes CVE-2018-12130 (rhbz 1646784 1709989 1709996)
– Fixes CVE-2019-11091 (rhbz 1705312 1709983)
* Mon May 13 2019 Laura Abbott <labbott@redhat.com> – 5.0.15-300
– Linux v5.0.15
– Fixes CVE-2019-11884 (rhbz 1709837 1709838)
* Thu May 9 2019 Laura Abbott <labbott@redhat.com> – 5.0.14-300
– Linux v5.0.14
* Mon May 6 2019 Laura Abbott <labbott@redhat.com> – 5.0.13-300
– Linux v5.0.13
* Sat May 4 2019 Laura Abbott <labbott@redhat.com> – 5.0.12-300
– Linux v5.0.12
* Thu May 2 2019 Laura Abbott <labbott@redhat.com> – 5.0.11-300
– Linux v5.0.11
* Tue Apr 30 2019 Laura Abbott <labbott@redhat.com> – 5.0.10-300
– Linux v5.0.10
* Tue Apr 30 2019 Hans de Goede <hdegoede@redhat.com>
– Fix wifi on various ideapad models not working (rhbz#1703338)
* Thu Apr 25 2019 Justin M. Forbes <jforbes@fedoraproject.org>
– Fix CVE-2019-3900 (rhbz 1698757 1702940)
——————————————————————————–
References:

[ 1 ] Bug #1774870 – CVE-2019-14895 kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c
https://bugzilla.redhat.com/show_bug.cgi?id=1774870
[ 2 ] Bug #1774875 – CVE-2019-14896 kernel: heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c
https://bugzilla.redhat.com/show_bug.cgi?id=1774875
[ 3 ] Bug #1774879 – CVE-2019-14897 kernel: stack-based buffer overflow in add_ie_rates function in drivers/net/wireless/marvell/libertas/cfg.c
https://bugzilla.redhat.com/show_bug.cgi?id=1774879
[ 4 ] Bug #1773519 – CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c
https://bugzilla.redhat.com/show_bug.cgi?id=1773519
[ 5 ] Bug #1776353 – CVE-2019-19078 kernel: memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1776353
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-8846a1a5a2’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2019-91f6e7bb71
2019-12-02 01:12:02.774789
——————————————————————————–

Name : kernel
Product : Fedora 31
Version : 5.3.13
Release : 300.fc31
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

——————————————————————————–
Update Information:

The 5.3.13 update contains a number of important fixes across the tree
——————————————————————————–
ChangeLog:

* Mon Nov 25 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.3.13-300
– Fix CVE-2019-14895 (rhbz 1774870 1776139)
– Fix CVE-2019-14896 (rhbz 1774875 1776143)
– Fix CVE-2019-14897 (rhbz 1774879 1776146)
– Fix CVE-2019-14901 (rhbz 1773519 1776184)
– Fix CVE-2019-19078 (rhbz 1776354 1776353)
* Mon Nov 25 2019 Laura Abbott <labbott@redhat.com>
– Linux v5.3.13
* Fri Nov 22 2019 Justin M. Forbes <jforbes@fedoraproject.org>
– Fix CVE-2019-19077 rhbz 1775724 1775725
* Thu Nov 21 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.3.12-300
– Fix CVE-2019-19074 (rhbz 1774933 1774934)
– Fix CVE-2019-19073 (rhbz 1774937 1774939)
– Fix CVE-2019-19072 (rhbz 1774946 1774947)
– Fix CVE-2019-19071 (rhbz 1774949 1774950)
– Fix CVE-2019-19070 (rhbz 1774957 1774958)
– Fix CVE-2019-19068 (rhbz 1774963 1774965)
– Fix CVE-2019-19043 (rhbz 1774972 1774973)
– Fix CVE-2019-19066 (rhbz 1774976 1774978)
– Fix CVE-2019-19046 (rhbz 1774988 1774989)
– Fix CVE-2019-19050 (rhbz 1774998 1775002)
– Fix CVE-2019-19062 (rhbz 1775021 1775023)
– Fix CVE-2019-19064 (rhbz 1775010 1775011)
– Fix CVE-2019-19063 (rhbz 1775015 1775016)
– Fix CVE-2019-19059 (rhbz 1775042 1775043)
– Fix CVE-2019-19058 (rhbz 1775047 1775048)
– Fix CVE-2019-19057 (rhbz 1775050 1775051)
– Fix CVE-2019-19053 (rhbz 1775956 1775110)
– Fix CVE-2019-19056 (rhbz 1775097 1775115)
– Fix CVE-2019-19055 (rhbz 1775074 1775116)
– Fix CVE-2019-19054 (rhbz 1775063 1775117)
* Thu Nov 21 2019 Laura Abbott <labbott@redhat.com>
– Linux v5.3.12
* Tue Nov 12 2019 Justin M. Forbes <jforbes@fedoraproject.org> – 5.3.11-300
– Linux v5.3.11
– Fixes CVE-2019-11135 (rhbz 1753062 1771649)
– Fixes CVE-2018-12207 (rhbz 1646768 1771645)
– Fixes CVE-2019-0154 (rhbz 1724393 1771642)
– Fixes CVE-2019-0155 (rhbz 1724398 1771644)
* Mon Nov 11 2019 Laura Abbott <labbott@redhat.com> – 5.3.10-300
– Linux v5.3.10
* Thu Nov 7 2019 Jeremy Cline <jcline@redhat.com>
– Add support for a number of Macbook keyboards and touchpads (rhbz 1769465)
* Wed Nov 6 2019 Laura Abbott <labbott@redhat.com> – 5.3.9-300
– Linux v5.3.9
* Tue Oct 29 2019 Laura Abbott <labbott@redhat.com> – 5.3.8-300
– Linux v5.3.8
——————————————————————————–
References:

[ 1 ] Bug #1774870 – CVE-2019-14895 kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c
https://bugzilla.redhat.com/show_bug.cgi?id=1774870
[ 2 ] Bug #1774875 – CVE-2019-14896 kernel: heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c
https://bugzilla.redhat.com/show_bug.cgi?id=1774875
[ 3 ] Bug #1774879 – CVE-2019-14897 kernel: stack-based buffer overflow in add_ie_rates function in drivers/net/wireless/marvell/libertas/cfg.c
https://bugzilla.redhat.com/show_bug.cgi?id=1774879
[ 4 ] Bug #1773519 – CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c
https://bugzilla.redhat.com/show_bug.cgi?id=1773519
[ 5 ] Bug #1776353 – CVE-2019-19078 kernel: memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1776353
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-91f6e7bb71’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa ClamAV

Otkriveni su sigurnosni nedostaci u programskom paketu ClamAV za operacijski sustav openSUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja....

Close