-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-8846a1a5a2 2019-12-02 01:29:23.163452 --------------------------------------------------------------------------------
Name : kernel Product : Fedora 30 Version : 5.3.13 Release : 200.fc30 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package
-------------------------------------------------------------------------------- Update Information:
The 5.3.13 update contains a number of important fixes across the tree -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 25 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.3.13-200 - Fix CVE-2019-14895 (rhbz 1774870 1776139) - Fix CVE-2019-14896 (rhbz 1774875 1776143) - Fix CVE-2019-14897 (rhbz 1774879 1776146) - Fix CVE-2019-14901 (rhbz 1773519 1776184) - Fix CVE-2019-19078 (rhbz 1776354 1776353) * Mon Nov 25 2019 Laura Abbott labbott@redhat.com - Linux v5.3.13 * Fri Nov 22 2019 Justin M. Forbes jforbes@fedoraproject.org - Fix CVE-2019-19077 rhbz 1775724 1775725 * Thu Nov 21 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.3.12-200 - Fix CVE-2019-19074 (rhbz 1774933 1774934) - Fix CVE-2019-19073 (rhbz 1774937 1774939) - Fix CVE-2019-19072 (rhbz 1774946 1774947) - Fix CVE-2019-19071 (rhbz 1774949 1774950) - Fix CVE-2019-19070 (rhbz 1774957 1774958) - Fix CVE-2019-19068 (rhbz 1774963 1774965) - Fix CVE-2019-19043 (rhbz 1774972 1774973) - Fix CVE-2019-19066 (rhbz 1774976 1774978) - Fix CVE-2019-19046 (rhbz 1774988 1774989) - Fix CVE-2019-19050 (rhbz 1774998 1775002) - Fix CVE-2019-19062 (rhbz 1775021 1775023) - Fix CVE-2019-19064 (rhbz 1775010 1775011) - Fix CVE-2019-19063 (rhbz 1775015 1775016) - Fix CVE-2019-19059 (rhbz 1775042 1775043) - Fix CVE-2019-19058 (rhbz 1775047 1775048) - Fix CVE-2019-19057 (rhbz 1775050 1775051) - Fix CVE-2019-19053 (rhbz 1775956 1775110) - Fix CVE-2019-19056 (rhbz 1775097 1775115) - Fix CVE-2019-19055 (rhbz 1775074 1775116) - Fix CVE-2019-19054 (rhbz 1775063 1775117) * Thu Nov 21 2019 Laura Abbott labbott@redhat.com - Linux v5.3.12 * Tue Nov 12 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.3.11-200 - Linux v5.3.11 - Fixes CVE-2019-11135 (rhbz 1753062 1771649) - Fixes CVE-2018-12207 (rhbz 1646768 1771645) - Fixes CVE-2019-0154 (rhbz 1724393 1771642) - Fixes CVE-2019-0155 (rhbz 1724398 1771644) * Mon Nov 11 2019 Laura Abbott labbott@redhat.com - 5.3.10-200 - Linux v5.3.10 * Thu Nov 7 2019 Jeremy Cline jcline@redhat.com - Add support for a number of Macbook keyboards and touchpads (rhbz 1769465) * Wed Nov 6 2019 Laura Abbott labbott@redhat.com - 5.3.9-200 - Linux v5.3.9 * Tue Oct 29 2019 Laura Abbott labbott@redhat.com - 5.3.8-200 - Linux v5.3.8 - Fix CVE-2019-17666 (rhbz 1763692) * Fri Oct 18 2019 Laura Abbott labbott@redhat.com - 5.3.7-200 - Linux v5.3.7 * Mon Oct 14 2019 Laura Abbott labbott@redhat.com - 5.3.6-200 - Linux v5.3.6 * Fri Oct 11 2019 Laura Abbott labbott@redhat.com - Fix disappearing cursor issue (rhbz 1738614) * Fri Oct 11 2019 Peter Robinson pbrobinson@fedoraproject.org - Last iwlwifi fix for the recent firmware issues (rhbz 1733369) * Tue Oct 8 2019 Laura Abbott labbott@redhat.com - 5.3.5-200 - Linux v5.3.5 Rebase * Wed Oct 2 2019 Justin M. Forbes jforbes@fedoraproject.org - Fix CVE-2019-17052 CVE-2019-17053 CVE-2019-17054 CVE-2019-17055 CVE-2019-17056 (rhbz 1758239 1758240 1758242 1758243 1758245 1758246 1758248 1758249 1758256 1758257) * Tue Oct 1 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.2.18-200 - Linux v5.2.18 * Mon Sep 23 2019 Peter Robinson pbrobinson@fedoraproject.org - Upstream patch for iwlwifi 8000 series FW issues (rhbz: 1749949) * Mon Sep 23 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.2.17-200 - Linux v5.2.17 * Thu Sep 19 2019 Laura Abbott labbott@redhat.com - Fix for dwc3 (rhbz 1753099) * Thu Sep 19 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.2.16-200 - Linux v5.2.16 - Fix CVE-2019-14821 (rhbz 1746708 1753596) * Mon Sep 16 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.2.15-200 - Linux v5.2.15 - Fixes rhbz 1751901 * Tue Sep 10 2019 Justin M. Forbes jforbes@redhat.com - 5.2.14-200 - Linux v5.2.14 * Fri Sep 6 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.2.13-200 - Linux v5.2.13 * Thu Aug 29 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.2.11-200 - Linux v5.2.11 - Fix CVE-2019-15504 (rhbz 1746725 1746726) - Fix CVE-2019-15505 (rhbz 1746732 1746734) - Fix CVE-2019-15538 (rhbz 1746777 1746779) * Wed Aug 28 2019 Justin M. Forbes jforbes@fedoraproject.org - Fix mwifiex CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 - (rhbz 1744130 1744137 1744149 1746566 1746567) * Mon Aug 26 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.2.10-200 - Linux v5.2.10 * Fri Aug 16 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.2.9-200 - Linux v5.2.9 * Sat Aug 10 2019 Justin M. Forbes jforbes@redhat.com - 5.2.8-200 - Linux v5.2.8 * Thu Aug 8 2019 Justin M. Forbes jforbes@redhat.com - 5.2.7-200 - Linux v5.2.7 * Tue Aug 6 2019 Laura Abbott labbott@redhat.com - Fix netfilter regression (rhbz 1737171) * Mon Aug 5 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.2.6-200 - Linux v5.2.6 - Temporary fixes for (rhbz 1737046 1730762) * Wed Jul 31 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.2.5-200 - Linux v5.2.5 - Fix CVE-2019-10207 (rhbz 1733874 1734242) * Tue Jul 30 2019 Justin M. Forbes jforbes@fedoraproject.org - Fix for screen freezes with i915 * Mon Jul 29 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.2.4-200 - Linux v5.2.4 Rebase * Fri Jul 26 2019 Jeremy Cline jcline@redhat.com - 5.1.20-300 - Linux v5.1.20 * Mon Jul 22 2019 Laura Abbott labbott@redhat.com - Bring in DMA fix (rhbz 1732045) * Mon Jul 22 2019 Jeremy Cline jcline@redhat.com - 5.1.19-300 - Linux v5.1.19 - Fix Xen Security Advisory 300 (rhbz 1731862 1731864) - Fix a null pointer dereference in the 8250_lpss serial driver (rhbz 1731784) * Thu Jul 18 2019 Jeremy Cline jcline@redhat.com - Fix CVE-2019-13631 (rhbz 1731000 1731001) * Mon Jul 15 2019 Jeremy Cline jcline@redhat.com - 5.1.18-300 - Linux v5.1.18 * Wed Jul 10 2019 Jeremy Cline jcline@redhat.com - 5.1.17-300 - Linux v5.1.17 * Mon Jul 8 2019 Jeremy Cline jcline@redhat.com - Fix a firmware crash in Intel 7000 and 8000 devices (rhbz 1716334) * Thu Jul 4 2019 Peter Robinson pbrobinson@fedoraproject.org - Fixes for load avg and display on Raspberry Pi * Wed Jul 3 2019 Jeremy Cline jcline@redhat.com - 5.1.16-300 - Linux v5.1.16 - Fix an issue with deleting singular conntrack entries (rhbz 1724357) * Tue Jun 25 2019 Jeremy Cline jcline@redhat.com - 5.1.15-300 - Linux v5.1.15 - Fixes CVE-2019-12817 (rhbz 1720616 1723697) * Mon Jun 24 2019 Hans de Goede hdegoede@redhat.com - Extend GPD MicroPC LCD panel quirk to also apply to newer BIOS versions * Mon Jun 24 2019 Jeremy Cline jcline@redhat.com - 5.1.14-300 - Linux v5.1.14 * Wed Jun 19 2019 Jeremy Cline jcline@redhat.com - 5.1.12-300 - Linux v5.1.12 * Mon Jun 17 2019 Jeremy Cline jcline@redhat.com - 5.1.11-300 - Linux v5.1.11 - Fixes CVE-2019-11477 (rhbz 1719123 1721254) - Fixes CVE-2019-11479 (rhbz 1719129 1721255) - Fixes CVE-2019-11478 (rhbz 1719128 1721256) * Mon Jun 17 2019 Jeremy Cline jcline@redhat.com - 5.1.10-300 - Linux v5.1.10 * Fri Jun 14 2019 Hans de Goede hdegoede@redhat.com - Fix the LCD panel an Asus EeePC 1025C not lighting up (rhbz#1697069) - Fix the LCD panel on the GPD MicroPC not working * Thu Jun 13 2019 Justin M. Forbes jforbes@fedoraproject.org - Fix CVE-2019-10126 (rhbz 1716992 1720122) * Tue Jun 11 2019 Jeremy Cline jcline@redhat.com - 5.1.9-300 - Linux v5.1.9 - Fix UDP checkshums for SIP packets (rhbz 1716289) * Sun Jun 9 2019 Jeremy Cline jcline@redhat.com - 5.1.8-300 - Linux v5.1.8 * Fri Jun 7 2019 Justin M. Forbes jforbes@fedoraproject.org - Fix CVE-2019-12614 (rhbz 1718176 1718185) * Thu Jun 6 2019 Jeremy Cline jcline@redhat.com - Fix incorrect permission denied with lock down off (rhbz 1658675) - Fix an issue with the IPv6 neighbor table (rhbz 1708717) * Wed Jun 5 2019 Justin M. Forbes jforbes@fedoraproject.org - Fix CVE-2019-12456 (rhbz 1717182 1717183) * Tue Jun 4 2019 Jeremy Cline jcline@redhat.com - 5.1.7-300 - Linux v5.1.7 - Fix CVE-2019-12455 (rhbz 1716990 1717003) - Fix CVE-2019-12454 (rhbz 1716996 1717003) * Mon Jun 3 2019 Justin M. Forbes jforbes@fedoraproject.org - Fix CVE-2019-12378 (rhbz 1715459 1715460) - Fix CVE-2019-3846 (rhbz 1713059 1715475) - Fix CVE-2019-12380 (rhbz 1715494 1715495) - Fix CVE-2019-12381 (rhbz 1715501 1715502) - Fix CVE-2019-12382 (rhbz 1715554 1715556) - Fix CVE-2019-12379 (rhbz 1715491 1715706) * Fri May 31 2019 Laura Abbott labbott@redhat.com - 5.1.6-300 - Linux v5.1.6 * Sat May 25 2019 Jeremy Cline jcline@redhat.com - 5.1.5-300 - Linux v5.1.5 * Fri May 24 2019 Jeremy Cline jcline@redhat.com - 5.1.4-301 - Fix fstrim discarding too many blocks * Wed May 22 2019 Jeremy Cline jcline@redhat.com - 5.1.4-300 - Linux v5.1.4 - Fix an issue with Bluetooth 2.0 and earlier devices (rhbz 1711468) * Mon May 20 2019 Laura Abbott labbott@redhat.com - 5.0.17-300 - Linux v5.0.17 * Tue May 14 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.0.16-300 - Linux v5.0.16 - Fixes CVE-2018-12126 (rhbz 1646781 1709976) - Fixes CVE-2018-12127 (rhbz 1667782 1709978) - Fixes CVE-2018-12130 (rhbz 1646784 1709989 1709996) - Fixes CVE-2019-11091 (rhbz 1705312 1709983) * Mon May 13 2019 Laura Abbott labbott@redhat.com - 5.0.15-300 - Linux v5.0.15 - Fixes CVE-2019-11884 (rhbz 1709837 1709838) * Thu May 9 2019 Laura Abbott labbott@redhat.com - 5.0.14-300 - Linux v5.0.14 * Mon May 6 2019 Laura Abbott labbott@redhat.com - 5.0.13-300 - Linux v5.0.13 * Sat May 4 2019 Laura Abbott labbott@redhat.com - 5.0.12-300 - Linux v5.0.12 * Thu May 2 2019 Laura Abbott labbott@redhat.com - 5.0.11-300 - Linux v5.0.11 * Tue Apr 30 2019 Laura Abbott labbott@redhat.com - 5.0.10-300 - Linux v5.0.10 * Tue Apr 30 2019 Hans de Goede hdegoede@redhat.com - Fix wifi on various ideapad models not working (rhbz#1703338) * Thu Apr 25 2019 Justin M. Forbes jforbes@fedoraproject.org - Fix CVE-2019-3900 (rhbz 1698757 1702940) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1774870 - CVE-2019-14895 kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c https://bugzilla.redhat.com/show_bug.cgi?id=1774870 [ 2 ] Bug #1774875 - CVE-2019-14896 kernel: heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c https://bugzilla.redhat.com/show_bug.cgi?id=1774875 [ 3 ] Bug #1774879 - CVE-2019-14897 kernel: stack-based buffer overflow in add_ie_rates function in drivers/net/wireless/marvell/libertas/cfg.c https://bugzilla.redhat.com/show_bug.cgi?id=1774879 [ 4 ] Bug #1773519 - CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c https://bugzilla.redhat.com/show_bug.cgi?id=1773519 [ 5 ] Bug #1776353 - CVE-2019-19078 kernel: memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c leads to DoS https://bugzilla.redhat.com/show_bug.cgi?id=1776353 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-8846a1a5a2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------