
Security vulnerabilities in the operating system kernel

  • OS details: WN7
  • Importance: IMP
  • Operating systems: L
  • Categories: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2015-3011
2015-03-04 07:07:10
——————————————————————————–

Name : kernel
Product : Fedora 21
Version : 3.18.8
Release : 201.fc21
URL : http://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

——————————————————————————–
Update Information:

Update to latest upstream stable release, Linux v3.18.8. Numerous bugfixes across the tree.
——————————————————————————–
ChangeLog:

* Fri Feb 27 2015 Kyle McMartin <kyle@fedoraproject.org> – 3.18.8-201
– Fix up aarch64 build… mis-merge in kernel-arm64.patch.
* Fri Feb 27 2015 Josh Boyer <jwboyer@fedoraproject.org> – 3.18.8-200
– Linux v3.18.8
* Thu Feb 26 2015 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2015-1421 sctp: slab corruption from use after free on INIT collisions (rhbz 1196581 1196595)
* Wed Feb 25 2015 Josh Boyer <jwboyer@fedoraproject.org>
– Add support for AR5B195 devices from Alexander Ploumistos (rhbz 1190947)
* Tue Feb 24 2015 Josh Boyer <jwboyer@fedoraproject.org>
– Fix ext4 remount with journal_checksum option (rhbz 1190933)
* Mon Feb 23 2015 Josh Boyer <jwboyer@fedoraproject.org>
– Add patch for HID i2c from Seth Forshee (rhbz 1188439)
– CVE-2015-0275 ext4: fallocate zero range page size > block size BUG (rhbz 1193907 1195178)
* Fri Feb 20 2015 Josh Boyer <jwboyer@fedoraproject.org>
– Move mtpspi and related mods to kernel-core for VMWare guests (rhbz 1194612)
* Mon Feb 16 2015 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-XXXX-XXXX potential memory corruption in vhost/scsi driver (rhbz 1189864 1192079)
– CVE-2015-1593 stack ASLR integer overflow (rhbz 1192519 1192520)
* Wed Feb 11 2015 Justin M. Forbes <jforbes@fedoraproject.org> – 3.18.7-200
– Linux v3.18.7
– Add disable_native_backlight quirk for Samsung 510R (rhbz 1186097)
* Fri Feb 6 2015 Justin M. Forbes <jforbes@fedoraproject.org> – 3.18.6-200
– Linux v3.18.6
* Mon Feb 2 2015 Justin M. Forbes <jforbes@fedoraproject.org> – 3.18.5-201
– Fixup adjtimex freq validation on 32bit systems (rhbz 1188074)
* Mon Feb 2 2015 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-XXXX-XXX DoS due to routing packets to too many different dsts/too fast (rhbz 1183744 1188347)
* Fri Jan 30 2015 Justin M. Forbes <jforbes@fedoraproject.org> – 3.18.5-200
– Linux v3.18.5
* Thu Jan 29 2015 Josh Boyer <jwboyer@fedoraproject.org>
– Backport patch from Rob Clark to toggle i915 state machine checks
– Disable i915 state checks
* Tue Jan 27 2015 Justin M. Forbes <jforbes@fedoraproject.org> – 3.18.4-200
– Linux v3.18.4
* Tue Jan 27 2015 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2015-0239 kvm: insufficient sysenter emulation from 16-bit (rhbz 1186448 1186453)
* Mon Jan 19 2015 Justin M. Forbes <jforbes@fedoraproject.org> – 3.18.3-201
– Add fixes from 3.18.4 queue to fix i915 issues (rhbz 1183232)
– xhci: Check if slot is already in default state before moving it there (rhbz 1183289)
* Fri Jan 16 2015 Justin M. Forbes <jforbes@fedoraproject.org> – 3.18.3-200
– Linux v3.18.3
* Thu Jan 15 2015 Justin M. Forbes <jforbes@fedoraproject.org>
– Build fixes for big-endian arches
* Tue Jan 13 2015 Justin M. Forbes <jforbes@fedoraproject.org> – 3.18.2-200
– Linux v3.18.2
* Mon Jan 12 2015 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-9585 ASLR brute-force possible for vdso (rhbz 1181054 1181056)
– Backlight fixes for Samsung and Dell machines (rhbz 1094948 1115713 1163574)
– Add various UAS quirks (rhbz 1124119)
– Add patch to fix loop in VDSO (rhbz 1178975)
* Thu Jan 8 2015 Justin M. Forbes <jforbes@fedoraproject.org> – 3.17.8-300
– Linux v3.17.8
* Wed Jan 7 2015 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-9529 memory corruption or panic during key gc (rhbz 1179813 1179853)
– Enable POWERCAP and INTEL_RAPL
* Tue Jan 6 2015 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-9419 partial ASLR bypass through TLS base addr leak (rhbz 1177260 1177263)
– CVE-2014-9428 remote DoS via batman-adv (rhbz 1178826 1178833)
– Fix CIFS login issue (rhbz 1163927)
* Mon Dec 29 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Enable F2FS (rhbz 972446)
* Thu Dec 18 2014 Josh Boyer <jwboyer@fedoraproject.org>
– CVE-2014-8989 userns can bypass group restrictions (rhbz 1170684 1170688)
– Fix dm-cache crash (rhbz 1168434)
– Fix blk-mq crash on CPU hotplug (rhbz 1175261)
* Wed Dec 17 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Enable USBIP in modules-extra from Johnathan Dieter (rhbz 1169478)
– CVE-2014-XXXX isofs: infinite loop in CE record entries (rhbz 1175235 1175250)
* Tue Dec 16 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Linux v3.17.7
– CVE-2014-8559 deadlock due to incorrect usage of rename_lock (rhbz 1159313 1173814)
– Add patch from Josh Stone to restore var-tracking via Kconfig (rhbz 1126580)
* Mon Dec 15 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Fix ppc64 boot with smt-enabled=off (rhbz 1173806)
– CVE-2014-8133 x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS (rhbz 1172797 1174374)
* Fri Dec 12 2014 Kyle McMartin <kyle@fedoraproject.org>
– build in ahci_platform on aarch64 temporarily.
* Fri Dec 12 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Remove pointless warning in cfg80211 (rhbz 1172543)
* Wed Dec 10 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Fix MSI issues on another Samsung pci-e SSD (rhbz 1084928)
– Fix UAS crashes with Seagate and Fresco Logic drives (rhbz 1164945)
– CVE-2014-8134 fix espfix for 32-bit KVM paravirt guests (rhbz 1172765 1172769)
* Mon Dec 8 2014 Justin M. Forbes <jforbes@fedoraproject.org> – 3.17.6-300
– Linux v3.17.6
* Fri Dec 5 2014 Kyle McMartin <kyle@fedoraproject.org> – 3.17.4-303
– arm64-fix-xgene_enet_process_ring.patch: fix a panic under load.
* Thu Dec 4 2014 Josh Boyer <jwboyer@fedoraproject.org> – 3.17.4-302
– CVE-2014-9090 local DoS via do_double_fault due to improper SS faults (rhbz 1170691)
* Thu Dec 4 2014 Kyle McMartin <kyle@fedoraproject.org>
– kernel-arm64.patch: update.
– arm64-force-serial-to-be-active-consdev.patch: force serial consoles
to be the primary console device instead of defaulting to tty0. No
changes to drivers outside of ARM-land.
– arm64-vgic-error-to-info.patch: change an error to a warning so that
kvm will work.
* Mon Dec 1 2014 Josh Boyer <jwboyer@fedoraproject.org>
– Add patch to quiet i915 driver on long hdps
– Add patch to fix oops when using xpad (rhbz 1094048)
——————————————————————————–
References:

[ 1 ] Bug #1196581 – CVE-2015-1421 kernel: net: slab corruption from use after free on INIT collisions
https://bugzilla.redhat.com/show_bug.cgi?id=1196581
[ 2 ] Bug #1193907 – CVE-2015-0275 kernel: fs: ext4: fallocate zero range page size > block size BUG()
https://bugzilla.redhat.com/show_bug.cgi?id=1193907
[ 3 ] Bug #1189864 – kernel: potential memory corruption (denial of service) in vhost/scsi driver
https://bugzilla.redhat.com/show_bug.cgi?id=1189864
[ 4 ] Bug #1192519 – CVE-2015-1593 kernel: Linux stack ASLR implementation Integer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1192519
——————————————————————————–

This update can be installed with the "yum" update program. Use
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Author: Marko Stanec
Cert ID: NCERT-REF-2015-03-0005-ADV
CVE: CERT-CVE-DUMMY
Source ID: CERT-ORIGID-DUMMY
Product: CERT-DUMMY-PRODUCT
Source: http://www.adobe.com/