You are here
Home > Preporuke > Ranjivost jezgre operacijskog sustava

Ranjivost jezgre operacijskog sustava

——————————————————————————–
Fedora Update Notification
FEDORA-2014-8519
2014-07-19 05:14:14
——————————————————————————–

Name : kernel
Product : Fedora 20
Version : 3.15.6
Release : 200.fc20
URL : http://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

——————————————————————————–
Update Information:

Update to latest upstream stable release, Linux v3.15.6. Fixes across the tree.
——————————————————————————–
ChangeLog:

* Thu Jul 17 2014 Josh Boyer <jwboyer@fedoraproject.org> – 3.15.6-200
– Linux v3.15.6
– CVE-2014-4943 pppol2tp level handling (rhbz 1119458 1120542)
* Wed Jul 16 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Enable hermes prism driver (rhbz 1120393)
* Mon Jul 14 2014 Josh Boyer <jwboyer@fedoraproject.org> – 3.15.5-200
– Linux v3.15.5
– Fix i915 regression with external monitors (rhbz 1117008)
* Fri Jul 11 2014 Peter Robinson <pbrobinson@fedoraproject.org>
– Enable ISL12057 RTC for ARM (NetGear ReadyNAS)
* Mon Jul 7 2014 Justin M. Forbes <jforbes@fedoraproject.org> 3.15.4-200
– Linux v3.15.4
– Fixes CVE-2014-4715 (rhbz 1115767 1116362)
– Fixes CVE-2014-4699 (rhbz 1115927 1116477)
* Tue Jul 1 2014 Justin M. Forbes <jforbes@fedoraproject.org> 3.15.3-200
– Linux v3.15.3
– drm/i915: Fix backlight regression caused by misconfigured VBT
* Tue Jul 1 2014 Hans de Goede <hdegoede@redhat.com>
– Add min/max quirk for the ThinkPad Edge E531 touchpad (rhbz#1114768)
* Mon Jun 30 2014 Josh Boyer <jwboyer@fedoraproject.org> – 3.15.2-200
– Backport netfilter panic fix (rhbz 1015989)
* Mon Jun 30 2014 Justin M. Forbes <jforbes@fedoraproject.org>
– Linux v3.15.2
* Fri Jun 27 2014 Hans de Goede <hdegoede@redhat.com>
– Add patch to fix wifi on lenove yoga 2 series (rhbz#1021036)
* Thu Jun 26 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.14.9-200
– Linux v3.14.9
* Wed Jun 25 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Revert commit that breaks Wacom Intuos4 from Benjamin Tissoires
– CVE-2014-0206 aio: insufficient head sanitization in aio_read_events_ring (rhbz 1094602 1112975)
* Mon Jun 23 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-4508 BUG in x86_32 syscall auditing (rhbz 1111590 1112073)
* Fri Jun 20 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Bring in intel_pstate regression fixes for BayTrail (rhbz 1111920)
* Mon Jun 16 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.14.8-200
– Linux v3.14.8
* Mon Jun 16 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-4014 possible priv escalation in userns (rhbz 1107966 1109836)
* Wed Jun 11 2014 Josh Boyer <jwboyer@fedoraproject.org> – 3.14.7-200
– Fix elantech right click on Dell vostro 5470 (rhbz 1103528)
– Fix fstrim on dm-thin volume data (rhbz 1106856)
– Fix NFS NULL pointer deref with ipv6 (rhbz 1099761)
– Fix promisc mode on certain e1000e cards (rhbz 1064516)
– Fix i915 backlight issue on gen4 (rhbz 1094066)
– Linux v3.14.7
* Sat Jun 7 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.14.6-200
– Linux v3.14.6
* Fri Jun 6 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-3153 futex: pi futexes requeue issue (rhbz 1103626 1105609)
– CVE-2014-3940 missing check during hugepage migration (rhbz 1104097 1105042)
* Tue Jun 3 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Add fix for team MTU settings from Jiri Pirko (rhbz 1099857)
– Backport fix for issues with Quagga introduced by CVE fixes (rhbz 1097684)
* Mon Jun 2 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.14.5-200
– Linux v3.14.5
* Thu May 29 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-3917 DoS with syscall auditing (rhbz 1102571 1102715)
* Fri May 23 2014 Peter Robinson <pbrobinson@fedoraproject.org>
– Re-add rebased Beagle patch set for 3.14 (RHBZ 1094768)
– Drop some no longer needed ARM patches
* Tue May 20 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Backport patch to add new elantech touchpad support (rhbz 1051668)
* Wed May 14 2014 Hans de Goede <hdegoede@redhat.com>
– Add synaptics min/max quirk patch for the ThinkPad W540 (rhbz 1096436)
* Tue May 13 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.14.4-200
– Linux v3.14.4
* Mon May 12 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-3144/CVE-2014-3145 filter: prevent nla from peeking beyond eom (rhbz 1096775, 1096784)
* Fri May 9 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-1738 CVE-2014-1737 floppy: priv esclation (rhbz 1094299 1096195)
* Thu May 8 2014 Neil Horman <nhorman@redhat.com>
– Fix dma unmap error in jme driver (rhbz 1082266)
* Tue May 6 2014 Josh Boyer <jwboyer@fedoraproject.org> 3.14.3-200
– CVE-2014-0181 insufficient netlink permission checks (rhbz 1094270 1094265)
* Tue May 6 2014 Justin M. Forbes <jforbes@fedoraproject.org>
– Linux v3.14.3
* Tue May 6 2014 Hans de Goede <hdegoede@redhat.com>
– Add a patch to fix the Synaptics Touch Pad V 103S found on some keyboard
docks for win8 tablets
– Add a patch to fix the elantech touchpad on Gigabyte U2442 laptops
– Add a patch to fix backlight control on the Samsung NC210/NC110 (rhbz#861573)
– Add a patch to fix backlight & wifi on the Asus EEE PC 1015PX (rhbz#1067181)
* Tue May 6 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-0196 pty race leading to memory corruption (rhbz 1094232 1094240)
– Add patch to fix smdb soft-lockup (rhbz 1082586)
* Mon May 5 2014 Hans de Goede <hdegoede@redhat.com>
– Add use_native_brightness quirk for the ThinkPad T530 (rhbz 1089545)
* Sat May 3 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Fix TUN performance regression (rhbz 1093931)
– Add patch to fix HID rmi driver from Benjamin Tissoires (rhbz 1090161)
* Thu May 1 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Add backported drm qxl fix (rhbz 1060327)
* Thu May 1 2014 Hans de Goede <hdegoede@redhat.com>
– Sync min/max quirk patch with upstream to add a quirk for the ThinkPad L540
(rhbz 1088588)
* Thu May 1 2014 Hans de Goede <hdegoede@redhat.com>
– Add use_native_backlight quirk for 4 laptops (rhbz 983342 1093120)
* Wed Apr 30 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-3122: mm: fix locking DoS issue (rhbz 1093084 1093076)
* Mon Apr 28 2014 Justin M. Forbes <jforbes@fedoraproject.org> 3.14.2-200
– Linux v3.14.2 (rhbz 1067071 1091722 906568)
* Fri Apr 25 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Add patch from Will Woods to fix fanotify EOVERFLOW issue (rhbz 696821)
– Fix ACPI issue preventing boot on AMI firmware (rhbz 1090746)
* Fri Apr 25 2014 Hans de Goede <hdegoede@redhat.com>
– Add synaptics min-max quirk for ThinkPad Edge E431 (rhbz#1089689)
* Wed Apr 23 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Fix SELinux wine issue again (rhbz 1013466)
* Tue Apr 22 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Add patch to fix Synaptics touchscreens and HID rmi driver (rhbz 1089583)
* Mon Apr 21 2014 Josh Boyer <jwboyer@fedoraproject.org> – 3.14.1-200
– Fix Brainboxes Express Cards (rhbz 1071914)
– Fix build issues with CONFIG_DEBUG_VM set (rhbz 1074710)
– Fix perf build failures
* Mon Apr 21 2014 Justin M. Forbes <jforbes@fedoraproject.org>
– Linux v3.14.1
* Thu Apr 17 2014 Hans de Goede <hdegoede@redhat.com>
– Update min/max quirk patch to add a quirk for the ThinkPad L540 (rhbz1088588)
* Mon Apr 14 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.13.10-200
– Linux v3.13.10
* Mon Apr 14 2014 Hans de Goede <hdegoede@redhat.com>
– Add min/max quirks for various new Thinkpad touchpads (rhbz 1085582 1085697)
* Mon Apr 14 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-2851 net ipv4 ping refcount issue in ping_init_sock (rhbz 1086730 1087420)
* Thu Apr 10 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Backported HID RMI driver for Haswell Dell XPS machines from Benjamin Tissoires (rhbz 1048314)
* Wed Apr 9 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-0155 KVM: BUG caused by invalid guest ioapic redirect table (rhbz 1081589 1085016)
– Add patch to fix SELinux lables on /proc files (rhbz 1084829)
– Add patch to fix S3 in KVM guests (rhbz 1074235)
* Thu Apr 3 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.13.9-200
– Linux v3.13.9
* Tue Apr 1 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-2678 net: rds: deref of NULL dev in rds_iw_laddr_check (rhbz 1083274 1083280)
* Mon Mar 31 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.13.8-200
– Linux v3.13.8
* Mon Mar 31 2014 Hans de Goede <hdegoede@redhat.com>
– Fix clicks getting lost with cypress_ps2 touchpads with recent
xorg-x11-drv-synaptics versions (bfdo#76341)
* Fri Mar 28 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-2580 xen: netback crash trying to disable due to malformed packet (rhbz 1080084 1080086)
– CVE-2014-0077 vhost-net: insufficent big packet handling in handle_rx (rhbz 1064440 1081504)
– CVE-2014-0055 vhost-net: insufficent error handling in get_rx_bufs (rhbz 1062577 1081503)
– CVE-2014-2568 net: potential info leak when ubuf backed skbs are zero copied (rhbz 1079012 1079013)
* Mon Mar 24 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.13.7-200
– Linux v3.13.7
* Thu Mar 20 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-0131: skbuff: use-after-free during segmentation with zerocopy (rhbz 1074589 1079006)
– Fix readahead semantics on pipes and sockets (rhbz 1078894)
* Mon Mar 17 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-2523 netfilter: nf_conntrack_dccp: incorrect skb_header_pointer API usages (rhbz 1077343 1077350)
* Wed Mar 12 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Fix locking issue in iwldvm (rhbz 1046495)
* Tue Mar 11 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-2309 ipv6: crash due to router advertisment flooding (rhbz 1074471 1075064)
* Fri Mar 7 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.13.6-200
– Linux v3.13.6
* Fri Mar 7 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Add patch to fix iwldvm WARN (rhbz 1065663)
– Revert two xhci fixes that break USB mass storage (rhbz 1073180)
* Thu Mar 6 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Fix stale EC events on Samsung systems (rhbz 1003602)
– Fix depmod error message from hci_vhci module (rhbz 1051748)
– Fix bogus WARN in iwlwifi (rhbz 1071998)
* Tue Mar 4 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Fix MAC-before-DAC check for mmap_zero (rhbz 1013466)
– Fix hidp crash with apple bluetooth trackpads (rhbz 1027465)
* Mon Mar 3 2014 Josh Boyer <jwboyer@fedoraproject.org> – 3.13.5-202
– CVE-2014-0100 net: inet frag race condition use-after-free (rhbz 1072026 1070618)
– CVE-2014-0101 sctp: null ptr deref when processing auth cookie_echo chunk (rhbz 1070209 1070705)
– Fix overly verbose audit logs (rhbz 1066064)
* Mon Mar 3 2014 Josh Boyer <jwboyer@fedoraproject.org> – 3.13.5-201
– CVE-2014-0049 kvm: mmio_fragments out-of-bounds access (rhbz 1062368 1071837)
– Fix atomic sched BUG in tty low_latency (rhbz 1065087)
* Fri Feb 28 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-0102 keyctl_link can be used to cause an oops (rhbz 1071396)
* Fri Feb 28 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Drop alx phy reset patch that is already in 3.13
* Tue Feb 25 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Fix mounting issues on cifs (rhbz 1068862)
* Mon Feb 24 2014 Josh Boyer <jwboyer@fedoraproject.org> – 3.13.5-200
– CVE-2014-2039 s390: crash due to linkage stack instructions (rhbz 1067558 1068758)
– Fix lockdep issue in EHCI when using threaded IRQs (rhbz 1056170)
* Mon Feb 24 2014 Justin M. Forbes <jforbes@fedoraproject.org>
– Linux v3.13.5
* Fri Feb 21 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Fix WARN from e100 from Michele Baldessari (rhbz 994438)
* Thu Feb 20 2014 Peter Robinson <pbrobinson@fedoraproject.org> – 3.13.4-200
– Rebase i.MX6 Utilite to upstream version
* Thu Feb 20 2014 Justin M. Forbes <jforbes@fedoraproject.org>
– Linux v3.13.4
* Tue Feb 18 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Fix r8169 ethernet after suspend (rhbz 1054408)
– Enable INTEL_MIC drivers (rhbz 1064086)
* Fri Feb 14 2014 Josh Boyer <jwboyer@fedoraproject.org> – 3.13.3-201
– CVE-2014-0069 cifs: incorrect handling of bogus user pointers (rhbz 1064253 1062584)
* Thu Feb 13 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.13.3-200
– Linux v3.13.3
* Wed Feb 12 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Add patch to fix list corruption from pinctrl (rhbz 1051918)
– Add IFA_FLAGS for IPv6 temporary addresses back (rhbz 1064430)
– Fix cgroup destroy oops (rhbz 1045755)
– Fix backtrace in amd_e400_idle (rhbz 1031296)
– CVE-2014-1874 SELinux: local denial of service (rhbz 1062356 1062507)
* Wed Feb 12 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.13.2-200
– Packaging fixes for tmon and trace
* Tue Feb 11 2014 Peter Robinson <pbrobinson@fedoraproject.org>
– Update am33xx (BeagleBone) patch for 3.13
– Minor ARM updates
* Mon Feb 10 2014 Justin M. Forbes <jforbes@fedoraproject.org>
– Linux v3.13.2
– Fixes (rhbz 1062144)
* Thu Feb 6 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.12.10-300
– Linux v3.12.10
* Wed Feb 5 2014 Justin M. Forbes <jforbes@fedoraproject.org>
– fix resume issues on Renesas chips in Samsung laptops (rhbz 950630)
* Wed Jan 29 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.12.9-301
– ipv6 addrconf: revert /proc/net/if_inet6 ifa_flag format (rhbz 1056711)
* Tue Jan 28 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Add patch from Stanislaw Gruszka to fix ath9k BUG (rhbz 990955)
* Mon Jan 27 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.12.9-300
– Backport new IPv6 address flag IFA_F_NOPREFIXROUTE and IFA_F_MANAGETEMPADDR (rhbz 1056711)
– Linux v3.12.9
– i915: remove pm_qos request on error (rhbz 1057533)
* Sun Jan 26 2014 Peter Robinson <pbrobinson@fedoraproject.org>
– Minor ARM config updates
– Disable highbank cpuidle driver
– Update CPU thermal scaling options for ARM
* Wed Jan 15 2014 Justin M. Forbes <jforbes@fedoraproject.org – 3.12.8-300
– Linux v3.12.8
* Wed Jan 15 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-1446 hamradio/yam: information leak in ioctl (rhbz 1053620 1053647)
– CVE-2014-1438 x86: exceptions are not cleared in AMD FXSAVE workaround (rhbz 1053599 1052914)
* Tue Jan 14 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Fix k-m-e Provides to be explicit to only the package flavor (rhbz 1046246)
* Tue Jan 14 2014 Neil Horman <nhorman@redhat.com>
– Backport ipv6 route cache expiration fix (rhbz 1040128)
* Sun Jan 12 2014 Peter Robinson <pbrobinson@fedoraproject.org>
– Enable generic cpufreq-cpu0 driver on ARM
– Enable thermal userspace support for ARM
* Fri Jan 10 2014 Justin M. Forbes <jforbes@fedoraproject.org – 3.12.7-300
– Linux v3.12.7
* Wed Jan 8 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Backport support for ALPS Dolphin devices (rhbz 953211)
– Enable BCMA_DRIVER_GPIO by turning on GPIOLIB everywhere (rhbz 1021098)
* Mon Jan 6 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Add support for BCM57786 devices to tg3 (rhbz 1044471)
– Fix use after free crash in KVM (rhbz 1047892)
– Fix oops in KVM with invalid root_hpa (rhbz 924916)
– CVE-2013-4579: ath9k_htc improper MAC update (rhbz 1032753 1033072)
* Sat Dec 28 2013 Peter Robinson <pbrobinson@fedoraproject.org>
– Update am33xx (BeagleBone) cpsw patch to upstream version
* Mon Dec 23 2013 Justin M. Forbes <jforbes@fedoraproject.org – 3.12.6-300
– Linux v3.12.6
* Fri Dec 20 2013 Josh Boyer <jwboyer@fedoraproject.org>
– Add patches to fix dummy gssd entry (rhbz 1037793)
* Wed Dec 18 2013 Josh Boyer <jwboyer@fedoraproject.org>
– Fix nowatchdog-on-virt.patch to actually work in KVM guests
* Tue Dec 17 2013 Josh Boyer <jwboyer@fedoraproject.org> – 3.12.5-302
– Add patch to avoid using queued trim on M500 SSD (rhbz 1024002)
* Mon Dec 16 2013 Josh Boyer <jwboyer@fedoraproject.org>
– Fix host lockup in bridge code when starting from virt guest (rhbz 1025770)
* Fri Dec 13 2013 Josh Boyer <jwboyer@fedoraproject.org> 3.12.5-301
– More keys fixes from upstream to fix keyctl_get_persisent crash (rhbz 1043033)
* Fri Dec 13 2013 Justin M. Forbes <jforbes@fedoraproject.org – 3.12.5-300
– Linux v3.12.5 rebase
* Thu Dec 12 2013 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2013-4587 kvm: out-of-bounds access (rhbz 1030986 1042071)
– CVE-2013-6376 kvm: BUG_ON in apic_cluster_id (rhbz 1033106 1042099)
– CVE-2013-6368 kvm: cross page vapic_addr access (rhbz 1032210 1042090)
– CVE-2013-6367 kvm: division by 0 in apic_get_tmcct (rhbz 1032207 1042081)
* Wed Dec 11 2013 Josh Boyer <jwboyer@fedoraproject.org>
– Add patches to support ETPS/2 Elantech touchpads (rhbz 1030802)
* Tue Dec 10 2013 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2013-XXXX net: memory leak in recvmsg (rhbz 1039845 1039874)
* Fri Dec 6 2013 Peter Robinson <pbrobinson@fedoraproject.org>
– Fix up ARM usb gadget config to make it useful
——————————————————————————–
References:

[ 1 ] Bug #1119458 – CVE-2014-4943 kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()
https://bugzilla.redhat.com/show_bug.cgi?id=1119458
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update kernel’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
7e

Top
More in Preporuke
Ranjivosti programskog paketa dpkg

Otkrivene su višestruke ranjivosti zaobilaženja direktorija kod paketa dpkg. Udaljenim je napadačima omogućeno modificiranje datoteka izvan namijenjenih direktorija preko posebno...

Close