--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2019-b86a7bdba0
2019-12-06 05:43:26.096029
--------------------------------------------------------------------------------Name        : kernel
Product     : Fedora 31
Version     : 5.3.14
Release     : 300.fc31
URL         : https://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------Update Information:

The 5.3.14 update contains a number of important fixes across the tree
--------------------------------------------------------------------------------ChangeLog:

* Mon Dec  2 2019 Laura Abbott  - 5.3.14-300
- Linux v5.3.14
* Mon Dec  2 2019 Justin M. Forbes 
- Fix CVE-2019-18808 (rhbz 1777418 1777421)
- Fix CVE-2019-18809 (rhbz 1777449 1777451)
- Fix CVE-2019-18811 (rhbz 1777455 1777456)
- Fix CVE-2019-18812 (rhbz 1777458 1777459)
- Fix CVE-2019-16232 (rhbz 1760351 1760352)
* Tue Nov 26 2019 Justin M. Forbes  
- Fix CVE-2019-19082 (rhbz 1776832 1776833)
* Mon Nov 25 2019 Justin M. Forbes  - 5.3.13-300
- Fix CVE-2019-14895 (rhbz 1774870 1776139)
- Fix CVE-2019-14896 (rhbz 1774875 1776143)
- Fix CVE-2019-14897 (rhbz 1774879 1776146)
- Fix CVE-2019-14901 (rhbz 1773519 1776184)
- Fix CVE-2019-19078 (rhbz 1776354 1776353)
* Mon Nov 25 2019 Laura Abbott 
- Linux v5.3.13
* Fri Nov 22 2019 Justin M. Forbes  
- Fix CVE-2019-19077 rhbz 1775724 1775725
* Thu Nov 21 2019 Justin M. Forbes  - 5.3.12-300
- Fix CVE-2019-19074 (rhbz 1774933 1774934)
- Fix CVE-2019-19073 (rhbz 1774937 1774939)
- Fix CVE-2019-19072 (rhbz 1774946 1774947)
- Fix CVE-2019-19071 (rhbz 1774949 1774950)
- Fix CVE-2019-19070 (rhbz 1774957 1774958)
- Fix CVE-2019-19068 (rhbz 1774963 1774965)
- Fix CVE-2019-19043 (rhbz 1774972 1774973)
- Fix CVE-2019-19066 (rhbz 1774976 1774978)
- Fix CVE-2019-19046 (rhbz 1774988 1774989)
- Fix CVE-2019-19050 (rhbz 1774998 1775002)
- Fix CVE-2019-19062 (rhbz 1775021 1775023)
- Fix CVE-2019-19064 (rhbz 1775010 1775011)
- Fix CVE-2019-19063 (rhbz 1775015 1775016)
- Fix CVE-2019-19059 (rhbz 1775042 1775043)
- Fix CVE-2019-19058 (rhbz 1775047 1775048)
- Fix CVE-2019-19057 (rhbz 1775050 1775051)
- Fix CVE-2019-19053 (rhbz 1775956 1775110)
- Fix CVE-2019-19056 (rhbz 1775097 1775115)
- Fix CVE-2019-19055 (rhbz 1775074 1775116)
- Fix CVE-2019-19054 (rhbz 1775063 1775117)
* Thu Nov 21 2019 Laura Abbott 
- Linux v5.3.12
* Tue Nov 12 2019 Justin M. Forbes  - 5.3.11-300
- Linux v5.3.11
- Fixes CVE-2019-11135	(rhbz 1753062 1771649)
- Fixes CVE-2018-12207	(rhbz 1646768 1771645)
- Fixes CVE-2019-0154	(rhbz 1724393 1771642)
- Fixes CVE-2019-0155	(rhbz 1724398 1771644)
* Mon Nov 11 2019 Laura Abbott  - 5.3.10-300
- Linux v5.3.10
* Thu Nov  7 2019 Jeremy Cline 
- Add support for a number of Macbook keyboards and touchpads (rhbz 1769465)
* Wed Nov  6 2019 Laura Abbott  - 5.3.9-300
- Linux v5.3.9
* Tue Oct 29 2019 Laura Abbott  - 5.3.8-300
- Linux v5.3.8
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1777418 - CVE-2019-18808 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1777418
  [ 2 ] Bug #1777449 - CVE-2019-18809 kernel: memory leak in  af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1777449
  [ 3 ] Bug #1777455 - CVE-2019-18811 kernel: memory leak in sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1777455
  [ 4 ] Bug #1777458 - CVE-2019-18812 kernel: memory leak in sof_dfsentry_write() function in sound/soc/sof/debug.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1777458
  [ 5 ] Bug #1760351 - CVE-2019-16232 kernel: null-pointer dereference in drivers/net/wireless/marvell/libertas/if_sdio.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1760351
  [ 6 ] Bug #1777825 - CVE-2019-18660 kernel: incomplete Spectre-RSB mitigation leads to information exposure
        https://bugzilla.redhat.com/show_bug.cgi?id=1777825
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-b86a7bdba0' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Fedora 31: kernel FEDORA-2019-b86a7bdba0

December 6, 2019
The 5.3.14 update contains a number of important fixes across the tree

Summary

The kernel meta package

The 5.3.14 update contains a number of important fixes across the tree

* Mon Dec 2 2019 Laura Abbott - 5.3.14-300

- Linux v5.3.14

* Mon Dec 2 2019 Justin M. Forbes

- Fix CVE-2019-18808 (rhbz 1777418 1777421)

- Fix CVE-2019-18809 (rhbz 1777449 1777451)

- Fix CVE-2019-18811 (rhbz 1777455 1777456)

- Fix CVE-2019-18812 (rhbz 1777458 1777459)

- Fix CVE-2019-16232 (rhbz 1760351 1760352)

* Tue Nov 26 2019 Justin M. Forbes

- Fix CVE-2019-19082 (rhbz 1776832 1776833)

* Mon Nov 25 2019 Justin M. Forbes - 5.3.13-300

- Fix CVE-2019-14895 (rhbz 1774870 1776139)

- Fix CVE-2019-14896 (rhbz 1774875 1776143)

- Fix CVE-2019-14897 (rhbz 1774879 1776146)

- Fix CVE-2019-14901 (rhbz 1773519 1776184)

- Fix CVE-2019-19078 (rhbz 1776354 1776353)

* Mon Nov 25 2019 Laura Abbott

- Linux v5.3.13

* Fri Nov 22 2019 Justin M. Forbes

- Fix CVE-2019-19077 rhbz 1775724 1775725

* Thu Nov 21 2019 Justin M. Forbes - 5.3.12-300

- Fix CVE-2019-19074 (rhbz 1774933 1774934)

- Fix CVE-2019-19073 (rhbz 1774937 1774939)

- Fix CVE-2019-19072 (rhbz 1774946 1774947)

- Fix CVE-2019-19071 (rhbz 1774949 1774950)

- Fix CVE-2019-19070 (rhbz 1774957 1774958)

- Fix CVE-2019-19068 (rhbz 1774963 1774965)

- Fix CVE-2019-19043 (rhbz 1774972 1774973)

- Fix CVE-2019-19066 (rhbz 1774976 1774978)

- Fix CVE-2019-19046 (rhbz 1774988 1774989)

- Fix CVE-2019-19050 (rhbz 1774998 1775002)

- Fix CVE-2019-19062 (rhbz 1775021 1775023)

- Fix CVE-2019-19064 (rhbz 1775010 1775011)

- Fix CVE-2019-19063 (rhbz 1775015 1775016)

- Fix CVE-2019-19059 (rhbz 1775042 1775043)

- Fix CVE-2019-19058 (rhbz 1775047 1775048)

- Fix CVE-2019-19057 (rhbz 1775050 1775051)

- Fix CVE-2019-19053 (rhbz 1775956 1775110)

- Fix CVE-2019-19056 (rhbz 1775097 1775115)

- Fix CVE-2019-19055 (rhbz 1775074 1775116)

- Fix CVE-2019-19054 (rhbz 1775063 1775117)

* Thu Nov 21 2019 Laura Abbott

- Linux v5.3.12

* Tue Nov 12 2019 Justin M. Forbes - 5.3.11-300

- Linux v5.3.11

- Fixes CVE-2019-11135 (rhbz 1753062 1771649)

- Fixes CVE-2018-12207 (rhbz 1646768 1771645)

- Fixes CVE-2019-0154 (rhbz 1724393 1771642)

- Fixes CVE-2019-0155 (rhbz 1724398 1771644)

* Mon Nov 11 2019 Laura Abbott - 5.3.10-300

- Linux v5.3.10

* Thu Nov 7 2019 Jeremy Cline

- Add support for a number of Macbook keyboards and touchpads (rhbz 1769465)

* Wed Nov 6 2019 Laura Abbott - 5.3.9-300

- Linux v5.3.9

* Tue Oct 29 2019 Laura Abbott - 5.3.8-300

- Linux v5.3.8

[ 1 ] Bug #1777418 - CVE-2019-18808 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c

https://bugzilla.redhat.com/show_bug.cgi?id=1777418

[ 2 ] Bug #1777449 - CVE-2019-18809 kernel: memory leak in af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c

https://bugzilla.redhat.com/show_bug.cgi?id=1777449

[ 3 ] Bug #1777455 - CVE-2019-18811 kernel: memory leak in sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c

https://bugzilla.redhat.com/show_bug.cgi?id=1777455

[ 4 ] Bug #1777458 - CVE-2019-18812 kernel: memory leak in sof_dfsentry_write() function in sound/soc/sof/debug.c

https://bugzilla.redhat.com/show_bug.cgi?id=1777458

[ 5 ] Bug #1760351 - CVE-2019-16232 kernel: null-pointer dereference in drivers/net/wireless/marvell/libertas/if_sdio.c

https://bugzilla.redhat.com/show_bug.cgi?id=1760351

[ 6 ] Bug #1777825 - CVE-2019-18660 kernel: incomplete Spectre-RSB mitigation leads to information exposure

https://bugzilla.redhat.com/show_bug.cgi?id=1777825

su -c 'dnf upgrade --advisory FEDORA-2019-b86a7bdba0' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

FEDORA-2019-b86a7bdba0 2019-12-06 05:43:26.096029 Product : Fedora 31 Version : 5.3.14 Release : 300.fc31 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package The 5.3.14 update contains a number of important fixes across the tree * Mon Dec 2 2019 Laura Abbott - 5.3.14-300 - Linux v5.3.14 * Mon Dec 2 2019 Justin M. Forbes - Fix CVE-2019-18808 (rhbz 1777418 1777421) - Fix CVE-2019-18809 (rhbz 1777449 1777451) - Fix CVE-2019-18811 (rhbz 1777455 1777456) - Fix CVE-2019-18812 (rhbz 1777458 1777459) - Fix CVE-2019-16232 (rhbz 1760351 1760352) * Tue Nov 26 2019 Justin M. Forbes - Fix CVE-2019-19082 (rhbz 1776832 1776833) * Mon Nov 25 2019 Justin M. Forbes - 5.3.13-300 - Fix CVE-2019-14895 (rhbz 1774870 1776139) - Fix CVE-2019-14896 (rhbz 1774875 1776143) - Fix CVE-2019-14897 (rhbz 1774879 1776146) - Fix CVE-2019-14901 (rhbz 1773519 1776184) - Fix CVE-2019-19078 (rhbz 1776354 1776353) * Mon Nov 25 2019 Laura Abbott - Linux v5.3.13 * Fri Nov 22 2019 Justin M. Forbes - Fix CVE-2019-19077 rhbz 1775724 1775725 * Thu Nov 21 2019 Justin M. Forbes - 5.3.12-300 - Fix CVE-2019-19074 (rhbz 1774933 1774934) - Fix CVE-2019-19073 (rhbz 1774937 1774939) - Fix CVE-2019-19072 (rhbz 1774946 1774947) - Fix CVE-2019-19071 (rhbz 1774949 1774950) - Fix CVE-2019-19070 (rhbz 1774957 1774958) - Fix CVE-2019-19068 (rhbz 1774963 1774965) - Fix CVE-2019-19043 (rhbz 1774972 1774973) - Fix CVE-2019-19066 (rhbz 1774976 1774978) - Fix CVE-2019-19046 (rhbz 1774988 1774989) - Fix CVE-2019-19050 (rhbz 1774998 1775002) - Fix CVE-2019-19062 (rhbz 1775021 1775023) - Fix CVE-2019-19064 (rhbz 1775010 1775011) - Fix CVE-2019-19063 (rhbz 1775015 1775016) - Fix CVE-2019-19059 (rhbz 1775042 1775043) - Fix CVE-2019-19058 (rhbz 1775047 1775048) - Fix CVE-2019-19057 (rhbz 1775050 1775051) - Fix CVE-2019-19053 (rhbz 1775956 1775110) - Fix CVE-2019-19056 (rhbz 1775097 1775115) - Fix CVE-2019-19055 (rhbz 1775074 1775116) - Fix CVE-2019-19054 (rhbz 1775063 1775117) * Thu Nov 21 2019 Laura Abbott - Linux v5.3.12 * Tue Nov 12 2019 Justin M. Forbes - 5.3.11-300 - Linux v5.3.11 - Fixes CVE-2019-11135 (rhbz 1753062 1771649) - Fixes CVE-2018-12207 (rhbz 1646768 1771645) - Fixes CVE-2019-0154 (rhbz 1724393 1771642) - Fixes CVE-2019-0155 (rhbz 1724398 1771644) * Mon Nov 11 2019 Laura Abbott - 5.3.10-300 - Linux v5.3.10 * Thu Nov 7 2019 Jeremy Cline - Add support for a number of Macbook keyboards and touchpads (rhbz 1769465) * Wed Nov 6 2019 Laura Abbott - 5.3.9-300 - Linux v5.3.9 * Tue Oct 29 2019 Laura Abbott - 5.3.8-300 - Linux v5.3.8 [ 1 ] Bug #1777418 - CVE-2019-18808 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c https://bugzilla.redhat.com/show_bug.cgi?id=1777418 [ 2 ] Bug #1777449 - CVE-2019-18809 kernel: memory leak in af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c https://bugzilla.redhat.com/show_bug.cgi?id=1777449 [ 3 ] Bug #1777455 - CVE-2019-18811 kernel: memory leak in sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c https://bugzilla.redhat.com/show_bug.cgi?id=1777455 [ 4 ] Bug #1777458 - CVE-2019-18812 kernel: memory leak in sof_dfsentry_write() function in sound/soc/sof/debug.c https://bugzilla.redhat.com/show_bug.cgi?id=1777458 [ 5 ] Bug #1760351 - CVE-2019-16232 kernel: null-pointer dereference in drivers/net/wireless/marvell/libertas/if_sdio.c https://bugzilla.redhat.com/show_bug.cgi?id=1760351 [ 6 ] Bug #1777825 - CVE-2019-18660 kernel: incomplete Spectre-RSB mitigation leads to information exposure https://bugzilla.redhat.com/show_bug.cgi?id=1777825 su -c 'dnf upgrade --advisory FEDORA-2019-b86a7bdba0' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Change Log

References

Update Instructions

Severity
Product : Fedora 31
Version : 5.3.14
Release : 300.fc31
URL : https://www.kernel.org/
Summary : The Linux kernel

Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved