[SECURITY] Fedora 21 Update: kernel-3.17.7-300.fc21
updates at fedoraproject.org
updates at fedoraproject.org
Mon Dec 22 02:32:48 UTC 2014
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-17293
2014-12-19 17:14:44
--------------------------------------------------------------------------------
Name : kernel
Product : Fedora 21
Version : 3.17.7
Release : 300.fc21
URL : http://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package
--------------------------------------------------------------------------------
Update Information:
The 3.17.7 stable update contains a number of important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 16 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Linux v3.17.7
- CVE-2014-8559 deadlock due to incorrect usage of rename_lock (rhbz 1159313 1173814)
- Add patch from Josh Stone to restore var-tracking via Kconfig (rhbz 1126580)
* Mon Dec 15 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Fix ppc64 boot with smt-enabled=off (rhbz 1173806)
- CVE-2014-8133 x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS (rhbz 1172797 1174374)
* Fri Dec 12 2014 Kyle McMartin <kyle at fedoraproject.org>
- build in ahci_platform on aarch64 temporarily.
* Fri Dec 12 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Remove pointless warning in cfg80211 (rhbz 1172543)
* Wed Dec 10 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Fix MSI issues on another Samsung pci-e SSD (rhbz 1084928)
- Fix UAS crashes with Seagate and Fresco Logic drives (rhbz 1164945)
- CVE-2014-8134 fix espfix for 32-bit KVM paravirt guests (rhbz 1172765 1172769)
* Mon Dec 8 2014 Justin M. Forbes <jforbes at fedoraproject.org> - 3.17.6-300
- Linux v3.17.6
* Fri Dec 5 2014 Kyle McMartin <kyle at fedoraproject.org> - 3.17.4-303
- arm64-fix-xgene_enet_process_ring.patch: fix a panic under load.
* Thu Dec 4 2014 Josh Boyer <jwboyer at fedoraproject.org> - 3.17.4-302
- CVE-2014-9090 local DoS via do_double_fault due to improper SS faults (rhbz 1170691)
* Thu Dec 4 2014 Kyle McMartin <kyle at fedoraproject.org>
- kernel-arm64.patch: update.
- arm64-force-serial-to-be-active-consdev.patch: force serial consoles
to be the primary console device instead of defaulting to tty0. No
changes to drivers outside of ARM-land.
- arm64-vgic-error-to-info.patch: change an error to a warning so that
kvm will work.
* Mon Dec 1 2014 Josh Boyer <jwboyer at fedoraproject.org>
- Add patch to quiet i915 driver on long hdps
- Add patch to fix oops when using xpad (rhbz 1094048)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1159313 - CVE-2014-8559 Kernel: fs: deadlock due to incorrect usage of rename_lock
https://bugzilla.redhat.com/show_bug.cgi?id=1159313
[ 2 ] Bug #1172797 - CVE-2014-8133 kernel: x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS
https://bugzilla.redhat.com/show_bug.cgi?id=1172797
[ 3 ] Bug #1172765 - CVE-2014-8134 kernel: x86: espfix not working for 32-bit KVM paravirt guests
https://bugzilla.redhat.com/show_bug.cgi?id=1172765
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list