[SECURITY] Fedora 18 Update: kernel-3.8.8-203.fc18

updates at fedoraproject.org updates at fedoraproject.org
Sat Apr 27 00:09:52 UTC 2013


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-6537
2013-04-24 23:52:53
--------------------------------------------------------------------------------

Name        : kernel
Product     : Fedora 18
Version     : 3.8.8
Release     : 203.fc18
URL         : http://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

--------------------------------------------------------------------------------
Update Information:

Fixes a large number of network related information leak CVEs.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 24 2013 Josh Boyer <jwboyer at redhat.com> - 3.8.8-203
- CVE-2013-3228 irda: missing msg_namelen update in irda_recvmsg_dgram (rhbz 956069 956071)
- CVE-2013-3230 l2tp: info leak in l2tp_ip6_recvmsg (rhbz 956088 956089)
- CVE-2013-3231 llc: Fix missing msg_namelen update in llc_ui_recvmsg (rhbz 956094 956104)
- CVE-2013-3232 netrom: information leak via msg_name in nr_recvmsg (rhbz 956110 956113)
- CVE-2013-3233 NFC: llcp: info leaks via msg_name in llcp_sock_recvmsg (rhbz 956125 956129)
- CVE-2013-3234 rose: info leak via msg_name in rose_recvmsg (rhbz 956135 956139)
- CVE-2013-3076 crypto: algif suppress sending src addr info in recvmsg (rhbz 956162 956168)
* Tue Apr 23 2013 Josh Boyer <jwboyer at redhat.com>
- CVE-2013-3223 ax25: information leak via msg_name in ax25_recvmsg (rhbz 955662 955666)
- CVE-2013-3225 Bluetooth: RFCOMM missing msg_namelen update in rfcomm_sock_recvmsg (rhbz 955649 955658)
- CVE-2013-1979 net: incorrect SCM_CREDENTIALS passing (rhbz 955629 955647)
- CVE-2013-3224 Bluetooth: possible info leak in bt_sock_recvmsg (rhbz 955599 955607)
* Mon Apr 22 2013 Josh Boyer <jwboyer at redhat.com>
- CVE-2013-3222 atm: update msg_namelen in vcc_recvmsg (rhbz 955216 955228)
* Wed Apr 17 2013 Josh Boyer <jwboyer at redhat.com> - 3.8.8-202
- Fix missing raid REQ_WRITE_SAME flag commit (rhbz 947539)
* Wed Apr 17 2013 Josh Boyer <jwboyer at redhat.com> - 3.8.8-201
- Linux v3.8.8
* Tue Apr 16 2013 Josh Boyer <jwboyer at redhat.com>
- Fix uninitialized variable free in iwlwifi (rhbz 951241)
- Fix race in regulatory code (rhbz 919176)
* Mon Apr 15 2013 Josh Boyer <jwboyer at redhat.com>
- tracing: NULL pointer dereference (rhbz 952197 952217)
- Fix debug patches to build on s390x/ppc
* Fri Apr 12 2013 Josh Boyer <jwboyer at redhat.com> - 3.8.7-201
- Linux v3.8.7
- Enable CONFIG_LDM_PARTITION (rhbz 948636)
* Thu Apr 11 2013 Dave Jones <davej at redhat.com>
- Print out some extra debug information when we hit bad page tables.
* Thu Apr 11 2013 Josh Boyer <jwboyer at redhat.com>
- Fix ALPS backport patch (rhbz 812111)
* Tue Apr  9 2013 Josh Boyer <jwboyer at redhat.com> - 3.8.6-203
- Temporarily work around pci device assignment issues (rhbz 908888)
- CVE-2013-1929 tg3: len overflow in VPD firmware parsing (rhbz 949932 949946)
- Backport intel brightness quirk for emachines (rhbz 871932)
* Mon Apr  8 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Enable CMA on ARM tegra
- Minor tweeks to ARM OMAP
* Mon Apr  8 2013 Josh Boyer <jwboyer at redhat.com>
- Add patch from Benjamin Tissoires to fix race in HID magicmouse (rhbz 908604)
* Fri Apr  5 2013 Justin M. Forbes <jforbes at redhat.com>
- Linux v3.8.6
* Wed Apr  3 2013 Dave Jones <davej at redhat.com>
- Enable MTD_CHAR/MTD_BLOCK (Needed for SFC)
  Enable 10gigE on 64-bit only.
* Tue Apr  2 2013 Josh Boyer <jwboyer at redhat.com>
- Enable CONFIG_FB_MATROX_G on powerpc
- Add support for Atheros 04ca:3004 bluetooth devices (again) (rhbz 844750)
- Enable CONFIG_SCSI_DMX3191D (rhbz 919874)
* Mon Apr  1 2013 Josh Boyer <jwboyer at redhat.com>
- Enable the rtl8192e driver (rhbz 913753)
- Enable CONFIG_MCE_INJECT (rhbz 927353)
* Thu Mar 28 2013 Josh Boyer <jwboyer at redhat.com> - 3.8.5-201
- Linux v3.8.5
* Tue Mar 26 2013 Justin M. Forbes <jforbes at redhat.com>
- Fix child thread introspection of of /proc/self/exe (rhbz 927469)
* Tue Mar 26 2013 Josh Boyer <jwboyer at redhat.com>
- Add quirk for Realtek card reader to avoid 10 sec boot delay (rhbz 806587)
- Add quirk for MSI keyboard backlight to avoid 10 sec boot delay (rhbz 907221)
* Mon Mar 25 2013 Justin M. Forbes <jforbes at redhat.com>
- enable CONFIG_DRM_VMWGFX_FBCON (rhbz 927022)
- disable whci-hcd since it doesnt seem to have users (rhbz 919289)
* Sat Mar 23 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Disable Marvell Dove support for the moment as it breaks other SoCs
* Thu Mar 21 2013 Josh Boyer <jwboyer at redhat.com>
- Fix workqueue crash in mac80211 (rhbz 920218)
* Thu Mar 21 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Minor ARM config updates
* Wed Mar 20 2013 Justin M. Forbes <jforbes at redhat.com> 3.8.4-201
- Linux v3.8.4
- CVE-2013-1873 information leaks via netlink interface (rhbz 923652 923662)
* Wed Mar 20 2013 Josh Boyer <jwboyer at redhat.com>
- CVE-2013-1796 kvm: buffer overflow in handling of MSR_KVM_SYSTEM_TIME
  (rhbz 917012 923966)
- CVE-2013-1797 kvm: after free issue with the handling of MSR_KVM_SYSTEM_TIME
  (rhbz 917013 923967)
- CVE-2013-1798 kvm: out-of-bounds access in ioapic indirect register reads
  (rhbz 917017 923968)
* Mon Mar 18 2013 Justin M. Forbes
- Revert rc6 ilk changes from 3.8.3 stable (rhbz 922304)
* Mon Mar 18 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Enable OMAP RNG and mvebu dove configs
* Fri Mar 15 2013 Josh Boyer <jwboyer at redhat.com>
- CVE-2013-1860 usb: cdc-wdm buf overflow triggered by dev (rhbz 921970 922004)
* Thu Mar 14 2013 Justin M. Forbes <jforbes at redhat.com> 3.8.3-201
- Linux v3.8.3
* Thu Mar 14 2013 Josh Boyer <jwboyer at redhat.com>
- Fix divide by zero on host TSC calibration failure (rhbz 859282)
* Thu Mar 14 2013 Mauro Carvalho Chehab <mchehab at redhat.com>
- fix i7300_edac twice-mem-size-report via EDAC API (rhbz 921500)
* Tue Mar 12 2013 Josh Boyer <jwboyer at redhat.com>
- Add patch to fix ieee80211_do_stop (rhbz 892599)
- Add patches to fix cfg80211 issues with suspend (rhbz 856863)
- Add patch to fix Cypress trackpad on XPS 12 machines (rhbz 912166)
- CVE-2013-0913 drm/i915: head writing overflow (rhbz 920471 920529)
- CVE-2013-0914 sa_restorer information leak (rhbz 920499 920510)
* Mon Mar 11 2013 Mauro Carvalho Chehab <mchehab at redhat.com>
- fix amd64_edac twice-mem-size-report via EDAC API (rhbz 920586)
* Mon Mar 11 2013 Josh Boyer <jwboyer at redhat.com>
- Add patch to fix usb_submit_urb error in uvcvideo (rhbz 879462)
- Add patch to allow "8250." prefix to keep working (rhbz 911771)
- Add patch to fix w1_search oops (rhbz 857954)
- Add patch to fix broken tty handling (rhbz 904182)
* Fri Mar  8 2013 Josh Boyer <jwboyer at redhat.com>
- Add turbostat and x86_engery_perf_policy debuginfo to kernel-tools-debuginfo
* Fri Mar  8 2013 Justin M. Forbes <jforbes at redhat.com>
- Revert "write backlight harder" until better solution is found (rhbz 917353)
- Update team driver from net-next from Jiri Pirko
* Fri Mar  8 2013 Josh Boyer <jwboyer at redhat.com>
- CVE-2013-1828 sctp: SCTP_GET_ASSOC_STATS stack buffer overflow (rhbz 919315 919316)
* Fri Mar  8 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Have kernel provide kernel-highbank for upgrade to unified
- Update mvebu configs
- Drop unused ARM patches
* Thu Mar  7 2013 Josh Boyer <jwboyer at redhat.com>
- Fix DMI regression (rhbz 916444)
- Fix logitech-dj HID bug from Benjamin Tissoires (rhbz 840391)
- CVE-2013-1792 keys: race condition in install_user_keyrings (rhbz 916646 919021)
* Wed Mar  6 2013 Justin M. Forbes <jforbes at redhat.com>
- Remove Ricoh multifunction DMAR patch as it's no longer needed (rhbz 880051)
- Fix destroy_conntrack GPF (rhbz 859346)
* Wed Mar  6 2013 Josh Boyer <jwboyer at redhat.com>
- Fix regression in secure-boot acpi_rsdp patch (rhbz 906225)
- crypto: info leaks in report API (rhbz 918512 918521)
* Tue Mar  5 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Fix Beagle (omap), update vexpress
* Tue Mar  5 2013 Josh Boyer <jwboyer at redhat.com>
- Backport 4 fixes for efivarfs (rhbz 917984)
- Enable CONFIG_IP6_NF_TARGET_MASQUERADE
* Mon Mar  4 2013 Josh Boyer <jwboyer at redhat.com>
- Fix issues in nx crypto driver from Kent Yoder (rhbz 916544)
* Mon Mar  4 2013 Justin M. Forbes <jforbes at redhat.com> - 3.8.2-201
- Linux v3.8.2
* Mon Mar  4 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Fix DTB generation on ARM
* Fri Mar  1 2013 Dave Jones <davej at redhat.com>
- Silence "tty is NULL" trace.
* Fri Mar  1 2013 Josh Boyer <jwboyer at redhat.com>
- Add patches to fix sunrpc panic (rhbz 904870)
* Thu Feb 28 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Update ARM config for 3.8
* Thu Feb 28 2013 Dave Jones <davej at redhat.com>
- Remove no longer needed E1000 hack.
* Thu Feb 28 2013 Dave Jones <davej at redhat.com>
- Drop SPARC64 support.
* Thu Feb 28 2013 Dave Jones <davej at redhat.com>
- Linux 3.8.1
  Dropped (merged in 3.8.1)
  - drm-i915-lvds-reclock-fix.patch
  - usb-cypress-supertop.patch
  - perf-hists-Fix-period-symbol_conf.field_sep-display.patch
  - ipv6-dst-from-ptr-race.patch
  - sock_diag-Fix-out-of-bounds-access-to-sock_diag_handlers.patch
  - tmpfs-fix-use-after-free-of-mempolicy-object.patch
* Thu Feb 28 2013 Dave Jones <davej at redhat.com>
- Update usb-cypress-supertop.patch
* Wed Feb 27 2013 Dave Jones <davej at redhat.com>
- Update ALPS patch to what got merged in 3.9-rc
* Wed Feb 27 2013 Dave Jones <davej at redhat.com>
- 3.8.0
  Dropped (merged in 3.8)
  - arm-l2x0-only-set-set_debug-on-pl310-r3p0-and-earlier.patch
  - power-x86-destdir.patch
  - modsign-post-KS-jwb.patch
  - efivarfs-3.7.patch
  - handle-efi-roms.patch
  - drm-i915-Fix-up-mismerge-of-3490ea5d-in-3.7.y.patch
  - USB-report-submission-of-active-URBs.patch
  - exec-use-eloop-for-max-recursion-depth.patch
  - 8139cp-revert-set-ring-address-before-enabling-receiver.patch
  - 8139cp-set-ring-address-after-enabling-C-mode.patch
  - 8139cp-re-enable-interrupts-after-tx-timeout.patch
  - brcmsmac-updates-rhbz892428.patch
  - silence-brcmsmac-warning.patch
  - net-fix-infinite-loop-in-__skb_recv_datagram.patch
  - Bluetooth-Add-support-for-Foxconn-Hon-Hai-0489-e056.patch
  - 0001-bluetooth-Add-support-for-atheros-04ca-3004-device-t.patch
  Needs checking:
  - arm-tegra-nvec-kconfig.patch
  - arm-tegra-sdhci-module-fix.patch
* Tue Feb 26 2013 Justin M. Forbes <jforbes at redhat.com>
- Avoid recursion in put_user_ns, potential overflow
* Tue Feb 26 2013 Josh Boyer <jwboyer at redhat.com>
- CVE-2013-1767 tmpfs: fix use-after-free of mempolicy obj (rhbz 915592,915716)
- Fix vmalloc_fault oops during lazy MMU (rhbz 914737)
* Mon Feb 25 2013 Josh Boyer <jwboyer at redhat.com>
- Honor dmesg_restrict for /dev/kmsg (rhbz 903192)
* Sun Feb 24 2013 Josh Boyer <jwboyer at redhat.com> - 3.7.9-205
- CVE-2013-1763 sock_diag: out-of-bounds access to sock_diag_handlers (rhbz 915052,915057)
* Fri Feb 22 2013 Josh Boyer <jwboyer at redhat.com>
- Add support for bluetooth in Acer Aspire S7 (rhbz 879408)
* Thu Feb 21 2013 Neil Horman <nhorman at redhat.com>
- Fix crash from race in ipv6 dst entries (rhbz 892060)
* Wed Feb 20 2013 Josh Boyer <jwboyer at redhat.com>
- Fix perf report field separator issue (rhbz 906055)
- Fix oops from acpi_rsdp setup in secure-boot patchset (rhbz 906225)
* Tue Feb 19 2013 Josh Boyer <jwboyer at redhat.com>
- Add support for Atheros 04ca:3004 bluetooth devices (rhbz 844750)
- Backport support for newer ALPS touchpads (rhbz 812111)
* Tue Feb 19 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Fix OMAP thermal driver by building it in (seems it doesn't auto load when a module)
* Mon Feb 18 2013 Justin M. Forbes <jforbes at redhat.com> - 3.7.9-201
- Linux v3.7.9
* Mon Feb 18 2013 Adam Jackson <ajax at redhat.com
- i915: Fix a mismerge in 3.7.y that leads to divide-by-zero in i915_update_wm
* Fri Feb 15 2013 Josh Boyer <jwboyer at redhat.com>
- CVE-2013-0290 net: infinite loop in __skb_recv_datagram (rhbz 911479 911473)
* Thu Feb 14 2013 Justin M. Forbes <jforbes at redhat.com> - 3.7.8-201
- Linux v3.7.8
* Thu Feb 14 2013 Adam Jackson <ajax at redhat.com>
- i915: Hush asserts during TV detection, just useless noise
- i915: Fix LVDS downclock to not cripple performance (#901951)
* Thu Feb 14 2013 Josh Boyer <jwboyer at redhat.com>
- Add patch to fix corruption on newer M6116 SATA bridges (rhbz 909591)
- CVE-2013-0228 xen: xen_iret() invalid %ds local DoS (rhbz 910848 906309)
* Tue Feb 12 2013 Dave Jones <davej at redhat.com>
- Add networking queue for next stable release.
* Tue Feb 12 2013 Dave Jones <davej at redhat.com>
- mm: Check if PUD is large when validating a kernel address
* Tue Feb 12 2013 Dave Jones <davej at redhat.com>
- Silence brcmsmac warnings. (Fixed in 3.8, but not backporting to 3.7)
* Tue Feb 12 2013 Justin M. Forbes <jforbes at redhat.com>
- Linux v3.7.7
* Mon Feb 11 2013 Josh Boyer <jwboyer at redhat.com>
- Add patch from Kees Cook to restrict MSR writting in secure boot mode
- Add patch to honor MokSBState (rhbz 907406)
* Thu Feb  7 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Minor ARM build fixes
* Wed Feb  6 2013 Josh Boyer <jwboyer at redhat.com>
- Add patch to fix ath9k dma stop checks (rhbz 892811)
* Mon Feb  4 2013 Josh Boyer <jwboyer at redhat.com>
- Linux v3.7.6
- Update secure-boot patchset
- Fix rtlwifi scheduling while atomic from Larry Finger (rhbz 903881)
* Tue Jan 29 2013 Josh Boyer <jwboyer at redhat.com>
- Backport driver for Cypress PS/2 trackpad (rhbz 799564)
* Mon Jan 28 2013 Josh Boyer <jwboyer at redhat.com> - 3.7.5-201
- Linux v3.7.5
- Add patch to fix iwlwifi issues (rhbz 863424)
* Sun Jan 27 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Build and package dtbs on ARM
- Enable FB options for qemu vexpress on unified
* Fri Jan 25 2013 Justin M. Forbes <jforbes at redhat.com>
- Turn off THP for 32bit
* Wed Jan 23 2013 Justin M. Forbes <jforbes at redhat.com> - 3.7.4-204
- brcmsmac fixes from upstream (rhbz 892428)
* Wed Jan 23 2013 Dave Jones <davej at redhat.com>
- Remove warnings about empty IPI masks.
* Tue Jan 22 2013 Justin M. Forbes <jforbes at redhat.com> - 3.7.4-203
- Add i915 bugfix from airlied
* Tue Jan 22 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Apply ARM errata fix
- disable HVC_DCC and VIRTIO_CONSOLE on ARM
* Tue Jan 22 2013 Josh Boyer <jwboyer at redhat.com>
- Fix libata settings bug (rhbz 902523)
* Mon Jan 21 2013 Josh Boyer <jwboyer at redhat.com> - 3.7.4-201
- Linux v3.7.4
* Fri Jan 18 2013 Justin M. Forbes <jforbes at redhat.com> 3.7.3-201
- Linux v3.7.3
* Thu Jan 17 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Merge 3.7 ARM kernel including unified kernel
- Drop separate IMX and highbank kernels
- Disable ARM PL310 errata that crash highbank
* Wed Jan 16 2013 Josh Boyer <jwboyer at redhat.com>
- Fix power management sysfs on non-secure boot machines (rhbz 896243)
* Wed Jan 16 2013 Justin M. Forbes <jforbes at redhat.com>  3.7.2-204
- Fix for CVE-2013-0190 xen corruption with 32bit pvops (rhbz 896051 896038)
* Wed Jan 16 2013 Josh Boyer <jwboyer at redhat.com>
- Add patch from Stanislaw Gruszka to fix iwlegacy IBSS cleanup (rhbz 886946)
* Tue Jan 15 2013 Justin M. Forbes <jforbes at redhat.com> 3.7.2-203
- Turn off Intel IOMMU by default
- Stable queue from 3.7.3 with many relevant fixes
* Tue Jan 15 2013 Josh Boyer <jwboyer at redhat.com>
- Enable CONFIG_DVB_USB_V2 (rhbz 895460)
* Mon Jan 14 2013 Josh Boyer <jwboyer at redhat.com>
- Enable Orinoco drivers in kernel-modules-extra (rhbz 894069)
* Fri Jan 11 2013 Justin M. Forbes <jforbes at redhat.com> 3.7.1-1
- Linux v3.7.2
- Enable Intel IOMMU by default
* Thu Jan 10 2013 Dave Jones <davej at redhat.com>
- Add audit-libs-devel to perf build-deps to enable trace command. (rhbz 892893)
* Tue Jan  8 2013 Josh Boyer <jwboyer at redhat.com>
- Add patch to fix shutdown on some machines (rhbz 890547)
* Mon Jan  7 2013 Josh Boyer <jwboyer at redhat.com>
- Patch to fix efivarfs underflow from Lingzhu Xiang (rhbz 888163)
* Sun Jan  6 2013 Josh Boyer <jwboyer at redhat.com>
- Fix version.h include due to UAPI change in 3.7 (rhbz 892373)
* Fri Jan  4 2013 Josh Boyer <jwboyer at redhat.com>
- Fix oops on aoe module removal (rhbz 853064)
* Thu Jan  3 2013 Josh Boyer <jwboyer at redhat.com> - 3.7.1-2
- Fixup secure boot patchset for 3.7 rebase
- Package bash completion script for perf
* Thu Jan  3 2013 Dave Jones <davej at redhat.com>
- Rebase to 3.7.1
* Wed Jan  2 2013 Josh Boyer <jwboyer at redhat.com>
- Fix autofs issue in 3.6 (rhbz 874372)
- BR the hostname package (rhbz 886113)
* Mon Dec 17 2012 Josh Boyer <jwboyer at redhat.com> - 3.6.11-3
- Linux v3.6.11
* Mon Dec 17 2012 Dennis Gilmore <dennis at ausil.us>
- disable gpiolib on vexpress
* Mon Dec 17 2012 Josh Boyer <jwboyer at redhat.com>
- Fix oops in sony-laptop setup (rhbz 873107)
* Wed Dec 12 2012 Josh Boyer <jwboyer at redhat.com> - 3.6.10-5
- Fix infinite loop in efi signature parser
- Don't error out if db doesn't exist
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #955216 - CVE-2013-3222 Kernel: atm: update msg_namelen in vcc_recvmsg()
        https://bugzilla.redhat.com/show_bug.cgi?id=955216
  [ 2 ] Bug #955599 - CVE-2013-3224 Kernel: Bluetooth: possible info leak in bt_sock_recvmsg()
        https://bugzilla.redhat.com/show_bug.cgi?id=955599
  [ 3 ] Bug #955629 - CVE-2013-1979 kernel: net: incorrect SCM_CREDENTIALS passing
        https://bugzilla.redhat.com/show_bug.cgi?id=955629
  [ 4 ] Bug #955649 - CVE-2013-3225 Kernel: Bluetooth: RFCOMM - missing msg_namelen update in rfcomm_sock_recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=955649
  [ 5 ] Bug #955662 - CVE-2013-3223 Kernel: ax25: information leak via msg_name in ax25_recvmsg()
        https://bugzilla.redhat.com/show_bug.cgi?id=955662
  [ 6 ] Bug #956162 - CVE-2013-3076 Kernel: crypto: algif - suppress sending source address information in recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=956162
  [ 7 ] Bug #956135 - CVE-2013-3234 Kernel: rose: info leak via msg_name in rose_recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=956135
  [ 8 ] Bug #956125 - CVE-2013-3233 Kernel: NFC: llcp: info leaks via msg_name in llcp_sock_recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=956125
  [ 9 ] Bug #956110 - CVE-2013-3232 Kernel: netrom: information leak via msg_name in nr_recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=956110
  [ 10 ] Bug #956094 - CVE-2013-3231 Kernel: llc: Fix missing msg_namelen update in llc_ui_recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=956094
  [ 11 ] Bug #956088 - CVE-2013-3230 Kernel: l2tp: info leak in l2tp_ip6_recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=956088
  [ 12 ] Bug #956069 - CVE-2013-3228 Kernel: irda: missing msg_namelen update in irda_recvmsg_dgram
        https://bugzilla.redhat.com/show_bug.cgi?id=956069
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list