[SECURITY] Fedora 19 Update: kernel-3.9.9-301.fc19

updates at fedoraproject.org updates at fedoraproject.org
Sat Jul 6 00:59:36 UTC 2013 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-12339
2013-07-05 00:33:56
--------------------------------------------------------------------------------

Name        : kernel
Product     : Fedora 19
Version     : 3.9.9
Release     : 301.fc19
URL         : http://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

--------------------------------------------------------------------------------
Update Information:

Upstream stable release 3.9.9 contains a number of important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul  3 2013 Josh Boyer <jwboyer at redhat.com> 3.9.9-301
- CVE-2013-1059 libceph: Fix NULL pointer dereference in auth client code (rhbz 977356 980341)
- CVE-2013-2234 net: information leak in AF_KEY notify (rhbz 980995 981007)
* Wed Jul  3 2013 Justin M. Forbes <jforbes at redhat.com> 3.9.9-300
- Linux v3.9.9
* Wed Jul  3 2013 Josh Boyer <jwboyer at redhat.com>
- Add patches to fix iwl skb managment (rhbz 977040)
* Wed Jul  3 2013 Dave Airlie <airlied at redhat.com>
- fixup QXL driver patches to make it easier to rebase
- add qxl driver dynamic resize + multiple heads support
* Mon Jul  1 2013 Dave Airlie <airlied at redhat.com>
- kernel portion of qxl cursor and dynamic resize fixes.
* Fri Jun 28 2013 Peter Robinson <pbrobinson at fedoraproject.org>
- Only enable ARM A15 errata on the LPAE kernel as it breaks A8
* Fri Jun 28 2013 Dave Airlie <airlied at redhat.com> 
- add qxl fix for missing access ok macro.
* Thu Jun 27 2013 Josh Boyer <jwboyer at redhat.com> - 3.9.8-300
- Linux v3.9.8
* Thu Jun 27 2013 Josh Boyer <jwboyer at redhat.com>
- Fix stack memory usage for DMA in ath3k (rhbz 977558)
* Wed Jun 26 2013 Josh Boyer <jwboyer at redhat.com>
- Add two patches to fix bridge networking issues (rhbz 880035)
* Tue Jun 25 2013 Kyle McMartin <kyle at redhat.com>
- Cherry pick fix out of rawhide for %{with_*} tests in module
  signing from Jan Stancek.
* Mon Jun 24 2013 Josh Boyer <jwboyer at redhat.com>
- Fix battery issue with bluetooth keyboards (rhbz 903741)
* Fri Jun 21 2013 Josh Boyer <jwboyer at redhat.com>
- Add two patches to fix iwlwifi issues in unmapping
- Add patch to fix carl9170 oops (rhbz 967271)
* Thu Jun 20 2013 Justin M. Forbes <jforbes at redhat.com>
- Linux v3.9.7
* Tue Jun 18 2013 Neil Horman <nhorman at redhat.com>
- Fix dma debug error in tulip driver (rhbz 956732)
* Tue Jun 18 2013 Dave Jones <davej at redhat.com>
- Disable MTRR sanitizer by default.
* Mon Jun 17 2013 Josh Boyer <jwboyer at redhat.com> - 3.9.6-301
- Add patch to fix radeon issues on powerpc
* Thu Jun 13 2013 Josh Boyer <jwboyer at redhat.com> - 3.9.6-300
- Linux v3.9.6
- Drop a bunch of powerpc patches that were includes in 3.9.6.  Yay!
* Wed Jun 12 2013 Kyle McMartin <kmcmarti at redhat.com>
- Merge 0 and %{with_lpae} so both ARM and i686 use the same
  flavours. Set %{pae} to the flavour name {lpae, PAE}. Merging
  the descriptions would be nice, but is somewhat irrelevant...
* Wed Jun 12 2013 Josh Boyer <jwboyer at redhat.com>
- Update gssproxy patches
- Fix KVM divide by zero error (rhbz 969644)
- Add fix for rt5390/rt3290 regression (rhbz 950735)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #980995 - CVE-2013-2234 Kernel: net: information leak in AF_KEY notify
        https://bugzilla.redhat.com/show_bug.cgi?id=980995
  [ 2 ] Bug #977356 - CVE-2013-1059 Kernel: libceph: Fix NULL pointer dereference in auth client code
        https://bugzilla.redhat.com/show_bug.cgi?id=977356
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list