Fedora 10 Update: kernel-2.6.27.12-170.2.5.fc10
Posted by Benjamin D. Thomas   
Fedora: Includes security fixes for CVE-2009-0029 (Linux Kernel insecure 64 bit system call argument passing) and CVE-2009-0065 (kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID). Reverts ALSA driver to the version that is upstream in kernel 2.6.27. This should be the last 2.6.27 kernel update for Fedora 10. A 2.6.28 update kernel is being tested.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-0923
2009-01-24 01:33:37
--------------------------------------------------------------------------------

Name        : kernel
Product     : Fedora 10
Version     : 2.6.27.12
Release     : 170.2.5.fc10
URL         : http://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

--------------------------------------------------------------------------------
Update Information:

Update to kernel 2.6.27.12:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12

Includes security fixes:
  CVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing
  CVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is received
  with bad stream ID

Reverts ALSA driver to the version that is upstream in kernel 2.6.27.

This should be the last 2.6.27 kernel update for Fedora 10.  A 2.6.28 update
kernel is being tested.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 20 2009 Chuck Ebbert 
- ath5k: ignore the return value of ath5k_hw_noise_floor_calibration
  (backport to 2.6.27)
- rtl8187: feedback transmitted packets using tx close descriptor for 8187B
* Tue Jan 20 2009 Chuck Ebbert  2.6.27.12-170.2.4
- Fix CVE-2009-0065: SCTP buffer overflow
* Tue Jan 20 2009 Chuck Ebbert  2.6.27.12-170.2.3
- Revert ALSA to what is upstream in 2.6.27.
* Mon Jan 19 2009 Kyle McMartin 
- Linux 2.6.27.12
- linux-2.6-iwlagn-downgrade-BUG_ON-in-interrupt.patch: merged
- linux-2.6-iwlwifi-use-GFP_KERNEL-to-allocate-Rx-SKB-memory.patch: merged
* Mon Jan 19 2009 Kyle McMartin 
- Roll in xen changes to execshield diff as in later kernels.
* Mon Jan 19 2009 Kyle McMartin 
- execshield fixes: should no longer generate spurious handled GPFs,
  fixes randomization of executables. also some clean ups.
* Sun Jan 11 2009 Dave Jones 
- Don't use MAXSMP on x86-64
* Wed Jan  7 2009 Roland McGrath  - 2.6.27.10-169
- utrace update
* Tue Jan  6 2009 Eric Sandeen  2.6.27.10-168
- ext4 - delay capable() checks in space accounting (#478299)
* Tue Dec 23 2008 Dave Airlie  2.6.27.10-167
- drm - fix issue with second driver opening DRI
* Mon Dec 22 2008 Chuck Ebbert  2.6.27.10-166
- Hopefully fix broken headphone output on some Dell notebooks.
* Fri Dec 19 2008 Chuck Ebbert  2.6.27.10-165
- Linux 2.6.27.10
  Dropped patches:
    linux-2.6-lib-idr-fix-bug-introduced-by-rcu-fix.patch
    linux-2.6.27.7-vmi-fix-crash-on-boot.patch
    linux-2.6.27.5-sched_clock-prevent-scd-clock-from-moving-backwards.patch
    linux-2.6-iwlagn-fix-rx-skb-alignment.patch
  Dropped from firewire-git-pending:
    firewire: fw-ohci: fix possible IOMMU resource exhaustion
* Fri Dec 19 2008 Chuck Ebbert  2.6.27.9-164
- Disable PATA_HPT3X3_DMA (from F11.)
* Thu Dec 18 2008 Dave Airlie  2.6.27.9-163
- radeon drm: fix broken caching bits in radeon which broke AGP
* Wed Dec 17 2008 John W. Linville  2.6.27.9-162
- iwlwifi: use GFP_KERNEL to allocate Rx SKB memory
* Tue Dec 16 2008 Kyle McMartin  2.6.27.9-161
- Re-enable input beep code, but disable it by default.
  Added:
   linux-2.6-alsa-backport-beep-switch.patch
   linux-2.6-defaults-alsa-hda-beep-off.patch
* Tue Dec 16 2008 Chuck Ebbert  2.6.27.9-160
- Disable AC97 audio driver power savings by default.
* Tue Dec 16 2008 Chuck Ebbert  2.6.27.9-159
- Disable input beep feature in Intel HDA sound driver.
* Tue Dec 16 2008 Chuck Ebbert  2.6.27.9-158
- Fix the CDROM door status patch right this time. (from rawhide)
* Mon Dec 15 2008 John W. Linville  2.6.27.9-157
- iwlagn: fix RX skb alignment
* Mon Dec 15 2008 Chuck Ebbert  2.6.27.9-156
- Revert -stable patch that causes suspend problems (L-K BZ 12149, 12155)
* Sun Dec 14 2008 Chuck Ebbert  2.6.27.9-155
- Linux 2.6.27.9
* Sat Dec 13 2008 Tom "spot" Callaway  2.6.27.9-154.rc2
- pull patch from davem sparc-2.6 git branch to add ebus_dma.h
* Sat Dec 13 2008 Tom "spot" Callaway  2.6.27.9-153.rc2
- Add "scsi_esp_register" to the search terms for modules.block so we pick up sun_esp.ko
* Fri Dec 12 2008 Chuck Ebbert  2.6.27.9-152.rc2
- Enable input beep feature in Intel HDA sound driver.
* Fri Dec 12 2008 Chuck Ebbert  2.6.27.9-151.rc2
- Linux 2.6.27.9-rc2
* Fri Dec 12 2008 Chuck Ebbert  2.6.27.9-150.rc1
- Fix VMI crash on boot introduced in 2.6.27.7 (#476062)
* Fri Dec 12 2008 Chuck Ebbert  2.6.27.9-149.rc1
- Linux 2.6.27.9-rc1
  Dropped patches:
    linux-2.6-net-atm-CVE-2008-5079.patch
* Fri Dec 12 2008 Chuck Ebbert  2.6.27.8-148
- Fix IDR allocator bug introduced in 2.6.27.8
* Fri Dec 12 2008 Dave Airlie  2.6.27.8-147
- modeset - fix AGP without kms + fix endian parser/pll programming
* Wed Dec 10 2008 Jarod Wilson  2.6.27.8-146
- Plug DMA memory leak in firewire drivers (#475156)
* Wed Dec 10 2008 Hans de Goede  2.6.27.8-145
- Fix vc0321 based webcams (rh 474990)
* Tue Dec  9 2008 Chuck Ebbert  2.6.27.8-144
- Revert idr patch from 2.6.27.8 that caused DRM breakage.
* Mon Dec  8 2008 Chuck Ebbert  2.6.27.8-143
- ATM security fix (CVE-2008-5079)
* Mon Dec  8 2008 Chuck Ebbert  2.6.27.8-142
- Scheduler fixes from 2.6.28
* Mon Dec  8 2008 Chuck Ebbert  2.6.27.8-141
- Stop the pciehp driver from filling the log with status messages.
* Mon Dec  8 2008 Chuck Ebbert  2.6.27.8-140
- Linux 2.6.27.8
  Dropped patches:
    linux-2.6-x86-sb600-skip-acpi-irq0-override-if-not-routed-to-int2.patch
    linux-2.6-x86-more-general-id-for-phoenix-bios.patch
    linux-2.6-xen-dont-reserve-2-pages-of-padding.patch
    linux-2.6-usb-ehci-fix-sb700-subsystem-hang.patch
    linux-2.6-usb-usbmon-fix-read.patch
    linux-2.6-libata-avoid-overflow-with-large-disks.patch
    linux-2.6-pci-fix-pciehp.patch
    linux-2.6-input.git-atkbd-add-quirk-for-inventec.patch
    linux-2.6.27-ext4-2.6.28-backport-fixups.patch
    linux-2.6.27-ext4-2.6.28-rc3-git6.patch
  Added patches:
    linux-2.6.27-ext4-rename-ext4dev-to-ext4.patch
* Mon Dec  8 2008 Chuck Ebbert  2.6.27.7-139
- ALSA 1.0.18a
  Dropped patches:
    linux-2.6-alsa-ac97-whitelist.patch
    linux-2.6-alsa-ac97-whitelist-AD1981B.patch
    linux-2.6-alsa-revo51-headphone.patch
    linux-2.6-olpc-speaker-out.patch
* Mon Dec  8 2008 Chuck Ebbert  2.6.27.7-138
- Fix PCI config space size on AMD Barcelona.
* Wed Dec  3 2008 Chuck Ebbert  2.6.27.7-137
- Update applesmc driver to 2.6.28-rc7-git1
  Adds: module autoloading
* Wed Dec  3 2008 Dave Airlie  2.6.27.7-136
- radeon: fix AGP harder than the last time.
* Tue Dec  2 2008 John W. Linville  2.6.27.7-135
- Backported ath9k DMA fixes from pre-2.6.28
- Drop patch to disable ath9k when swiotlb is in use
* Tue Dec  2 2008 Dave Airlie  2.6.27.7-134
- radeon: fix IGP aperture sizing (#473895)
* Mon Dec  1 2008 Dave Airlie  2.6.27.7-133
- drm-next.patch: drm/intel: fix VT switch issue harder.
* Sun Nov 30 2008 Dave Airlie  2.6.27.7-132
- radeon: another AGP fix for r500 cards falling back to PCIE
* Sun Nov 30 2008 Dave Airlie  2.6.27.7-131
- radeon: fix card posting, module unload and radeon AGP issues
* Thu Nov 27 2008 Chuck Ebbert  2.6.27.7-130
- Additional fixes for 64K lowmem reservation:
  - More general matching for Phoenix BIOS
  - Fix Xen when low 64K is reserved
* Thu Nov 27 2008 Chuck Ebbert  2.6.27.7-129
- Update applesmc driver to 2.6.28-rc6-git1
  Adds: iMac 5/6/8, Macbook 4/5, Macbook Pro 5, generic MacPro
* Thu Nov 27 2008 Dave Airlie  2.6.27.7-128
- drm: intel rebase with upstream fixes - radeon add larger GART size
* Tue Nov 25 2008 Chuck Ebbert  2.6.27.7-127
- Two USB patches scheduled for the next -stable release.
* Tue Nov 25 2008 Chuck Ebbert  2.6.27.7-126
- Fix Zepto notebook multimedia keys (F9#460237)
- Fix Dell XPS 1530 trackpad (F9#448656)
* Tue Nov 25 2008 Chuck Ebbert  2.6.27.7-125
- Linux 2.6.27.7
  Dropped patches:
    linux-2.6.27-sony-laptop-suspend-fix.patch
    linux-2.6-hostap-skb-cb-hack.patch
    linux-2.6-wireless-iwlagn-avoid-sleep-in-softirq.patch
* Tue Nov 25 2008 Chuck Ebbert  2.6.27.6-124
- Linux 2.6.27.6
  Dropped patches:
    linux-2.6-acpi-dock-avoid-check-sta-method.patch
    linux-2.6-blk-cciss-fix-regression-sysfs-symlink-missing.patch
  Updated patch:
    linux-2.6-netdev-r8169-2.6.28.patch
  New config variable:
    CONFIG_X86_RESERVE_LOW_64K=y
* Mon Nov 24 2008 Dave Airlie  2.6.27.5-123
- radeon: hopefully fix rs690 and rs480 GART invalidation
* Wed Nov 19 2008 Dave Jones  2.6.27.5-122
- selinux: recognize netlink messages for 'ip addrlabel' (#469423)
* Wed Nov 19 2008 Hans de Goede  2.6.27.5-121
- Update uvcvideo to latest git
- Patch uvcvideo to not make older logitech cams crash (bz 472217)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #478299 - AVC denials on kernel 2.6.27.9-159.fc10.x86_64
        https://bugzilla.redhat.com/show_bug.cgi?id=478299
  [ 2 ] Bug #480862 - CVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID [F10]
        https://bugzilla.redhat.com/show_bug.cgi?id=480862
  [ 3 ] Bug #477954 - Sound doesnt play with latest kernel update "2.6.27.9-159.fc10"
        https://bugzilla.redhat.com/show_bug.cgi?id=477954
  [ 4 ] Bug #480866 - CVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing [F10]
        https://bugzilla.redhat.com/show_bug.cgi?id=480866
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
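
After updating, a host is only protected once it has rebooted into the new kernel. The following check is an added example, not part of the Fedora notification: it compares a `uname -r` string against the build named in this advisory using a simplified form of RPM version ordering (no epoch, `~` or `^` handling). The helper names and the sample strings in the final loop are assumptions made for illustration.

```python
import re

# Build shipped by this advisory (FEDORA-2009-0923).
FIXED = "2.6.27.12-170.2.5.fc10"
# Architecture suffixes that `uname -r` appends on Fedora (assumed list).
ARCHES = (".x86_64", ".i686", ".i586", ".ppc64", ".ppc")

def _segments(s):
    # RPM compares maximal runs of digits or letters; separators are skipped.
    return re.findall(r"[0-9]+|[A-Za-z]+", s)

def _vercmp(a, b):
    """Simplified rpmvercmp: returns -1, 0 or 1."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)          # numeric runs compare as integers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric run beats alphabetic run
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def compare_builds(a, b):
    """Compare 'version-release' strings: version first, then release."""
    va, _, ra = a.partition("-")
    vb, _, rb = b.partition("-")
    return _vercmp(va, vb) or _vercmp(ra, rb)

def strip_arch(uname_r):
    for arch in ARCHES:
        if uname_r.endswith(arch):
            return uname_r[: -len(arch)]
    return uname_r

def predates_update(uname_r):
    """True if the running kernel is older than the build in this advisory."""
    return compare_builds(strip_arch(uname_r), FIXED) < 0

if __name__ == "__main__":
    # Constructed sample inputs; on a real host pass platform.release().
    for k in ("2.6.27.9-159.fc10.x86_64", "2.6.27.12-170.2.5.fc10.i686"):
        print(k, "NEEDS UPDATE/REBOOT" if predates_update(k) else "ok")
```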

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce
 