--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-12786
2009-12-07 06:16:34
--------------------------------------------------------------------------------

Name        : kernel
Product     : Fedora 11
Version     : 2.6.30.9
Release     : 102.fc11
URL         : https://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

--------------------------------------------------------------------------------
Update Information:

CVE-2009-1298 null ptr deref in ipv4 ip_frag_reasm.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec  3 2009 Kyle McMartin  2.6.30.9-102
- ipv4-fix-null-ptr-deref-in-ip_fragment.patch: null ptr deref
  bug fix.
* Thu Nov 19 2009 Kyle McMartin 
- fuse-prevent-fuse_put_request-in-invalid-ptr.patch: fix oops in fuse
  when low on memory. rhbz#538734.
* Thu Nov 19 2009 David Woodhouse  2.6.30.9-100
- Re-enable CONFIG_DMAR_GFX_WA on x86_64.
* Tue Nov 17 2009 Chuck Ebbert  2.6.30.9-99
- Silence pointless DRM warning message (#537196)
* Tue Nov 17 2009 Chuck Ebbert  2.6.30.9-98
- More sata_nv fixes (#524756).
* Mon Nov 16 2009 Eric Sandeen  2.6.30.9-97
- Fix ext4 preallocation-related corruption (#513221)
* Tue Nov  3 2009 Kyle McMartin  2.6.30.9-96
- fs/pipe.c: fix null pointer dereference (CVE-2009-3547)
* Sun Oct 25 2009 Chuck Ebbert   2.6.30.9-95
- Disable the stack protector on functions that don't have onstack arrays.
* Thu Oct 22 2009 Chuck Ebbert   2.6.30.9-94
- Fix overflow in KVM cpuid code. (CVE-2009-3638)
* Thu Oct 22 2009 Chuck Ebbert   2.6.30.9-93
- Fix exploitable oops in keyring code (CVE-2009-3624)
* Wed Oct 21 2009 Kyle McMartin 
- shut-up-LOCK_TEST_WITH_RETURN.patch: sort out #445331... or paper bag
  over it for now until the lock warnings can be killed.
* Mon Oct 19 2009 Kyle McMartin 
- af_unix-fix-deadlock-connecting-to-shutdown-socket.patch: fix for
  rhbz#529626 local DoS. (CVE-2009-3621)
* Sat Oct 17 2009 Chuck Ebbert   2.6.30.9-90
- Fix null deref in r128 (F10#487546) (CVE-2009-3620)
* Sat Oct 17 2009 Chuck Ebbert  2.6.30.9-89
- Keyboard and mouse fixes from 2.6.32 (#522126)
* Sat Oct 17 2009 Chuck Ebbert  2.6.30.9-88
- Scheduler wakeup patch, fixes high latency on wakeup
  (sched-update-the-clock-of-runqueue-select-task-rq-selected.patch)
* Fri Oct 16 2009 Chuck Ebbert  2.6.30.9-87
- Fix uninitialized data leak in netlink (CVE-2009-3612)
* Thu Oct 15 2009 Chuck Ebbert  2.6.30.9-86
- AX.25 security fix (CVE-2009-2909)
* Thu Oct 15 2009 Chuck Ebbert  2.6.30.9-85
- Disable CONFIG_USB_STORAGE_CYPRESS_ATACB because it causes failure
  to boot from USB disks using Cypress bridges (#524998)
* Tue Oct 13 2009 Chuck Ebbert  2.6.30.9-84
- Copy libata drive detection fix from 2.6.31.4 (#524756)
* Tue Oct 13 2009 Chuck Ebbert  2.6.30.9-83
- Networking fixes taken from 2.6.31-stable
* Tue Oct 13 2009 Chuck Ebbert  2.6.30.9-82
- Fix boot hang with ACPI on some systems.
* Mon Oct 12 2009 Chuck Ebbert   2.6.30.9-81
- Critical ftrace fixes:
  ftrace-use-module-notifier-for-function-tracer.patch
  ftrace-check-for-failure-for-all-conversions.patch
  tracing-correct-module-boundaries-for-ftrace_release.patch
* Thu Oct  8 2009 Ben Skeggs      2.6.30.9-80
- ppc: compile nvidiafb as a module only, nvidiafb+nouveau = bang! (rh#491308)
* Wed Oct  7 2009 Dave Jones        2.6.30.9-78
- Disable IRQSOFF tracer. (Adds unnecessary overhead when unused)
* Wed Oct  7 2009 Chuck Ebbert   2.6.30.9-77
- eCryptfs fixes taken from 2.6.31.2 (fixes CVE-2009-2908)
* Tue Oct  6 2009 Chuck Ebbert   2.6.30.9-76
- fix race in forcedeth network driver (#526546)
* Tue Oct  6 2009 Chuck Ebbert   2.6.30.9-75
- x86: Don't leak 64-bit reg contents to 32-bit tasks.
* Tue Oct  6 2009 Chuck Ebbert   2.6.30.9-74
- ACPI EC bug fixes taken from kernel 2.6.32 (#492699, #525681)
* Mon Oct  5 2009 Chuck Ebbert   2.6.30.9-73
- Linux 2.6.30.9
* Sun Oct  4 2009 Chuck Ebbert   2.6.30.9-72.rc3
- Copy stack randomization fix from 2.6.31.2 (F10#526882)
* Sun Oct  4 2009 Chuck Ebbert   2.6.30.9-71.rc3
- Linux 2.6.30.9-rc3
- Drop merged upstream patches:
  linux-2.6-cifs-reenable-lanman-security.patch
  kvm-guest-fix-bogus-wallclock-physical-address-calculation.patch
  kvm-mmu-make-__kvm_mmu_free_some_pages-handle-empty-list.patch
  kvm-vmx-check-cpl-before-emulating-debug-register-access.patch
  kvm-vmx-fix-cr8-exiting-control-clobbering-by-ept.patch
  kvm-x86-disallow-hypercalls-for-guest-callers-in-rings-0.patch
  linux-2.6-kvm-revert-x86-check-for-cr3-validity.patch
* Fri Oct  2 2009 Justin M. Forbes   2.6.30.8-70
- Add linux-2.6-virtio-net-refill-on-out-of-memory.patch, from 2.6.31
  to prevent page allocation failures in guests. (#520119)
* Mon Sep 28 2009 Chuck Ebbert   2.6.30.8-69
- Add linux-2.6-kvm-revert-x86-check-for-cr3-validity.patch, from
  2.6.32-rc, fixes bug #525743
* Mon Sep 28 2009 Chuck Ebbert   2.6.30.8-68
- Drop sched-disable-NEW-FAIR-SLEEPERS-for-now.patch, reported to
  cause problems on 2.6.30.
* Sat Sep 26 2009 Chuck Ebbert   2.6.30.8-67
- Scheduler fixes cherry-picked from 2.6.32
* Sat Sep 26 2009 Chuck Ebbert   2.6.30.8-66
- Backport "appletalk: Fix skb leak when ipddp interface is not loaded"
  (fixes CVE-2009-2903)
* Sat Sep 26 2009 Chuck Ebbert  2.6.30.8-65
- KVM fixes from 2.6.31.1, including fix for CVE-2009-3290
* Fri Sep 25 2009 Chuck Ebbert  2.6.30.8-64
- Fix serious CFQ performance regression.
* Fri Sep 25 2009 Chuck Ebbert  2.6.30.8-63
- Disable the GEM graphics manager on i686 PAE kernels
  (fixes modesetting on Intel graphics.)
* Fri Sep 25 2009 Chuck Ebbert  2.6.30.8-62
- Fix breakage in hostap driver (#522269)
* Thu Sep 24 2009 Chuck Ebbert  2.6.30.8-61
- Backport the cpuidle-faster-io fix from Fedora 12 to fix I/O
  performance problems when reading/writing multiple disks.
* Thu Sep 24 2009 Chuck Ebbert  2.6.30.8-60
- Linux 2.6.30.8
* Thu Sep 24 2009 Chuck Ebbert  2.6.30.7-59
- Disable sound powersave by default; it still pops when playing sounds. (#523836)
* Wed Sep 16 2009 Justin M. Forbes  2.6.30.7-58
- Revert virtio_blk to rotational mode. (#509383)
* Tue Sep 15 2009 Chuck Ebbert  2.6.30.7-57
- Linux 2.6.30.7
* Tue Sep 15 2009 Chuck Ebbert  2.6.30.7-56.rc1
- Fix CIFS security flags mask broken in 2.6.30 (#523173)
* Tue Sep 15 2009 Chuck Ebbert  2.6.30.7-55.rc1
- Fix cpufreq lockdep warnings (#522685)
* Sat Sep 12 2009 Chuck Ebbert  2.6.30.7-54.rc1
- 2.6.30.7-rc1
- Drop patches merged in -stable:
   linux-2.6-slub-fix-destroy-by-rcu.patch
* Thu Sep 10 2009 Dennis Gilmore  2.6.30.6-53
- kgdb only works on sparc64 smp kernels so disable on the up one and enable on the smp one
- update to 256 cpus supported on sparc64 smp
* Wed Sep  9 2009 Chuck Ebbert   2.6.30.6-52
- Add linux-2.6-slub-fix-destroy-by-rcu.patch (fixes bug in 2.6.30.4)
* Wed Sep  9 2009 Chuck Ebbert  2.6.30.6-51
- 2.6.30.6
- Drop patches merged in -stable:
  do_sigaltstack-avoid-copying-stack_t-as-a-structure-to-userspace.patch
  linux-2.6-x86-dont-send-ipi-to-empty-set-cpus.patch
  linux-2.6-bitmap-make-ops-return-result.patch
  linux-2.6-x86-dont-call-send-ipi-mask-with-empty-mask.patch
  linux-2.6-clone-fix-race-between-copy-process-and-de-thread.patch
  linux-2.6-kthreads-fix-kthread-create-vs-kthread-stop.patch
  linux-2.6-xen-x86-dont-probe-if-apics-are-disabled.patch
* Tue Sep  8 2009 Chuck Ebbert  2.6.30.5-50
- Disable Amiga One support to fix powerpc coherency bug (#521703)
* Fri Sep  4 2009 Chuck Ebbert  2.6.30.5-49
- Fix build system getting confused during firmware install.
* Fri Sep  4 2009 Chuck Ebbert  2.6.30.5-48
- Added additional fixes needed for #514787:
  linux-2.6-ppc64-vs-broadcom-lmb-no-init-*.patch
- Fix up lirc patch context so it applies.
* Wed Sep  2 2009 Jarod Wilson 
- Make it possible to rmmod lirc_zilog w/o it hanging indefinitely
- Add transmit support (via port 2 only) on 1st-gen mceusb transceiver
* Tue Sep  1 2009 Chuck Ebbert  2.6.30.5-46
- Fix yet another Xen boot crash (#520517)
* Tue Sep  1 2009 Jarod Wilson  2.6.30.5-45
- Refresh lirc patches, add new lirc_ene0100 driver
- Fix up hdpvr driver for use with modular i2c so that
  lirc_zilog can actually bind to it
- Make lirc_zilog IR transmit and receive work on the hdpvr
- Fix audio on PVR-500 when used in same system as HVR-1800 (#480728)
* Fri Aug 28 2009 David Woodhouse 
- Enable Solos DSL driver
* Thu Aug 27 2009 Chuck Ebbert  2.6.30.5-43
- Don't load the floppy driver automatically:
  linux-2.6-defaults-die-floppy-die.patch
* Thu Aug 27 2009 Chuck Ebbert  2.6.30.5-42
- Fix stackprotector problems with Xen on x86_64.
- Disable stackprotector on i386 until 32-bit Xen gets fixed.
* Thu Aug 27 2009 Chuck Ebbert  2.6.30.5-41
- linux-2.6-kthreads-fix-kthread-create-vs-kthread-stop.patch:
  fix race in kthreads.
* Thu Aug 27 2009 Justin M. Forbes  2.6.30.5-40
- xen: Fix guest crash when trying to debug. (#458385)
* Thu Aug 27 2009 John W. Linville  2.6.30.5-39
- zd1211rw: adding 083a:e503 as a ZD1211B device (#518538)
* Thu Aug 27 2009 Chuck Ebbert  2.6.30.5-38
- Fix string overflows found by stackprotector:
  hda-check-strcpy-length.patch
  linux-2.6-v4l-dvb-af9015-fix-stack-corruption.patch
* Thu Aug 27 2009 Chuck Ebbert  2.6.30.5-37
- Fix race in clone() syscall.
* Thu Aug 27 2009 Chuck Ebbert  2.6.30.5-36
- Fix hangs on older x86 systems with 440*X chipsets.
* Fri Aug 21 2009 David Woodhouse 
- Fix b43 on iMac G5 (#514787)
* Tue Aug 18 2009 Kyle McMartin 
- Backport several upstream commits 52dec22e739eec8f3a0154f768a599f5489048bd
  to improve mmap_min_addr.
- CVE-2009-2847: do_sigaltstack: avoid copying 'stack_t' as a
  structure to user space
* Mon Aug 17 2009 Chuck Ebbert  2.6.30.5-32
- Change config options:
  CONFIG_SCSI_DEBUG=m
  CONFIG_PCI_MSI_DEFAULT_ON=y
* Mon Aug 17 2009 Jarod Wilson  2.6.30.5-31
- Fix flub in prior lirc patch update that resulted in no lirc
  drivers getting built
* Sun Aug 16 2009 Chuck Ebbert  2.6.30.5-29
- Linux 2.6.30.5
* Fri Aug 14 2009 Chuck Ebbert  2.6.30.5-28.rc2
- Linux 2.6.30.5-rc2
- Dropped drm-intel-tv-fix.patch, merged in -stable now.
* Wed Aug 12 2009 Kyle McMartin 
- drm-no-gem-on-i8xx.patch: fix misspelled IS_8XX & IS_I845G, sigh.
* Wed Aug 12 2009 Kyle McMartin 
- DRM patch sync-up with F-11-2.6.29.y, ABI probably isn't right yet though...
 - drm-modesetting-radeon.patch
 - drm-nouveau.patch
 - drm-no-gem-on-i8xx.patch
 - drm-i915-resume-force-mode.patch
 - drm-intel-big-hammer.patch
 - drm-intel-gen3-fb-hack.patch
 - drm-intel-hdmi-edid-fix.patch
 - drm-modesetting-radeon-fixes.patch
 - drm-radeon-new-pciids.patch
 - drm-dont-frob-i2c.patch
 - drm-intel-tv-fix.patch
 - drm-radeon-cs-oops-fix.patch
 - drm-pnp-add-resource-range-checker.patch
 - drm-i915-enable-mchbar.patch
- The rest were merged upstream.
* Wed Aug 12 2009 John W. Linville 
- iwlwifi: fix TX queue race
* Mon Aug 10 2009 Kyle McMartin 
- Patch sync-up with F-11-2.6.29.y:
 - linux-2.6-x86-delay-tsc-barrier.patch
 - linux-2.6-fs-cifs-fix-port-numbers.patch
 - linux-2.6-kvm-skip-pit-check.patch
 - linux-2.6.29-xen-disable-gbpages.patch
 - linux-2.6-virtio_blk-dont-bounce-highmem-requests.patch
 - linux-2.6-drivers-char-low-latency-removal.patch
 - linux-2.6-serial-add-txen-test-param.patch
 - linux-2.6-input-wacom-bluetooth.patch
 - linux-2.6-defaults-saner-vm-settings.patch
 - linux-2.6-mm-lru-evict-streaming-io-pages-first.patch
 - linux-2.6-mm-lru-report-vm-flags-in-page-referenced.patch
 - linux-2.6-mm-lru-dont-evict-mapped-executable-pages.patch
 - linux-2.6-utrace.patch
 - linux-2.6-utrace-ftrace.patch
 - linux-2.6-tracehook.patch
* Mon Aug 10 2009 Jarod Wilson 
- Add tunable pad threshold support to lirc_imon
- Blacklist all iMON devices in usbhid driver so lirc_imon can bind
- Add new device ID to lirc_mceusb (#512483)
- Enable IR transceiver on the HD PVR
* Wed Aug  5 2009 Kyle McMartin 
- Update to released 2.6.30.4.
- Drop now-unneeded upstream reverts.
* Wed Jul 29 2009 Chuck Ebbert 
- Linux 2.6.30.4-rc1
* Mon Jul 27 2009 Neil Horman 
- Backport xfrm gc_thresh export code (bz 503124)
* Fri Jul 24 2009 Kyle McMartin 
- CONFIG_DEFAULT_MMAP_MIN_ADDR=65536 [i386 x86_64], 4096 elsewhere, as
  per defconfigs.
- Blat patches from other tag, now to rebase fixes, splat in the changelog,
  and tag it for building.
* Fri Jul 24 2009 Kyle McMartin 
- Copy over release configs from devel-2.6.30 tag.
- Fix up some spec deviations.
* Fri Jul 24 2009 Kyle McMartin 
- Linux 2.6.30.3 rebase for Fedora 11.
- Fedora 11 2.6.29 branch is on tag private-fedora-11-2_6_29_6.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #544144 - CVE-2009-1298 kernel: ip_frag_reasm() NULL pointer dereference
        https://bugzilla.redhat.com/show_bug.cgi?id=544144
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 11: kernel Security Update

December 7, 2009
CVE-2009-1298 null ptr deref in ipv4 ip_frag_reasm.

Summary

The kernel package contains the Linux kernel (vmlinuz), the core of any

Linux operating system. The kernel handles the basic functions

of the operating system: memory allocation, process allocation, device

input and output, etc.

Update Information:

CVE-2009-1298 null ptr deref in ipv4 ip_frag_reasm.

Change Log

* Thu Dec 3 2009 Kyle McMartin 2.6.30.9-102 - ipv4-fix-null-ptr-deref-in-ip_fragment.patch: null ptr deref bug fix. * Thu Nov 19 2009 Kyle McMartin - fuse-prevent-fuse_put_request-in-invalid-ptr.patch: fix oops in fuse when low on memory. rhbz#538734. * Thu Nov 19 2009 David Woodhouse 2.6.30.9-100 - Re-enable CONFIG_DMAR_GFX_WA on x86_64. * Tue Nov 17 2009 Chuck Ebbert 2.6.30.9-99 - Silence pointless DRM warning message (#537196) * Tue Nov 17 2009 Chuck Ebbert 2.6.30.9-98 - More sata_nv fixes (#524756). * Mon Nov 16 2009 Eric Sandeen 2.6.30.9-97 - Fix ext4 preallocation-related corruption (#513221) * Tue Nov 3 2009 Kyle McMartin 2.6.30.9-96 - fs/pipe.c: fix null pointer dereference (CVE-2009-3547) * Sun Oct 25 2009 Chuck Ebbert 2.6.30.9-95 - Disable the stack protector on functions that don't have onstack arrays. * Thu Oct 22 2009 Chuck Ebbert 2.6.30.9-94 - Fix overflow in KVM cpuid code. (CVE-2009-3638) * Thu Oct 22 2009 Chuck Ebbert 2.6.30.9-93 - Fix exploitable oops in keyring code (CVE-2009-3624) * Wed Oct 21 2009 Kyle McMartin - shut-up-LOCK_TEST_WITH_RETURN.patch: sort out #445331... or paper bag over it for now until the lock warnings can be killed. * Mon Oct 19 2009 Kyle McMartin - af_unix-fix-deadlock-connecting-to-shutdown-socket.patch: fix for rhbz#529626 local DoS. (CVE-2009-3621) * Sat Oct 17 2009 Chuck Ebbert 2.6.30.9-90 - Fix null deref in r128 (F10#487546) (CVE-2009-3620) * Sat Oct 17 2009 Chuck Ebbert 2.6.30.9-89 - Keyboard and mouse fixes from 2.6.32 (#522126) * Sat Oct 17 2009 Chuck Ebbert 2.6.30.9-88 - Scheduler wakeup patch, fixes high latency on wakeup (sched-update-the-clock-of-runqueue-select-task-rq-selected.patch) * Fri Oct 16 2009 Chuck Ebbert 2.6.30.9-87 - Fix uninitialized data leak in netlink (CVE-2009-3612) * Thu Oct 15 2009 Chuck Ebbert 2.6.30.9-86 - AX.25 security fix (CVE-2009-2909) * Thu Oct 15 2009 Chuck Ebbert 2.6.30.9-85 - Disable CONFIG_USB_STORAGE_CYPRESS_ATACB because it causes failure to boot from USB disks using Cypress bridges (#524998) * Tue Oct 13 2009 Chuck Ebbert 2.6.30.9-84 - Copy libata drive detection fix from 2.6.31.4 (#524756) * Tue Oct 13 2009 Chuck Ebbert 2.6.30.9-83 - Networking fixes taken from 2.6.31-stable * Tue Oct 13 2009 Chuck Ebbert 2.6.30.9-82 - Fix boot hang with ACPI on some systems. * Mon Oct 12 2009 Chuck Ebbert 2.6.30.9-81 - Critical ftrace fixes: ftrace-use-module-notifier-for-function-tracer.patch ftrace-check-for-failure-for-all-conversions.patch tracing-correct-module-boundaries-for-ftrace_release.patch * Thu Oct 8 2009 Ben Skeggs 2.6.30.9-80 - ppc: compile nvidiafb as a module only, nvidiafb+nouveau = bang! (rh#491308) * Wed Oct 7 2009 Dave Jones 2.6.30.9-78 - Disable IRQSOFF tracer. (Adds unnecessary overhead when unused) * Wed Oct 7 2009 Chuck Ebbert 2.6.30.9-77 - eCryptfs fixes taken from 2.6.31.2 (fixes CVE-2009-2908) * Tue Oct 6 2009 Chuck Ebbert 2.6.30.9-76 - fix race in forcedeth network driver (#526546) * Tue Oct 6 2009 Chuck Ebbert 2.6.30.9-75 - x86: Don't leak 64-bit reg contents to 32-bit tasks. * Tue Oct 6 2009 Chuck Ebbert 2.6.30.9-74 - ACPI EC bug fixes taken from kernel 2.6.32 (#492699, #525681) * Mon Oct 5 2009 Chuck Ebbert 2.6.30.9-73 - Linux 2.6.30.9 * Sun Oct 4 2009 Chuck Ebbert 2.6.30.9-72.rc3 - Copy stack randomization fix from 2.6.31.2 (F10#526882) * Sun Oct 4 2009 Chuck Ebbert 2.6.30.9-71.rc3 - Linux 2.6.30.9-rc3 - Drop merged upstream patches: linux-2.6-cifs-reenable-lanman-security.patch kvm-guest-fix-bogus-wallclock-physical-address-calculation.patch kvm-mmu-make-__kvm_mmu_free_some_pages-handle-empty-list.patch kvm-vmx-check-cpl-before-emulating-debug-register-access.patch kvm-vmx-fix-cr8-exiting-control-clobbering-by-ept.patch kvm-x86-disallow-hypercalls-for-guest-callers-in-rings-0.patch linux-2.6-kvm-revert-x86-check-for-cr3-validity.patch * Fri Oct 2 2009 Justin M. Forbes 2.6.30.8-70 - Add linux-2.6-virtio-net-refill-on-out-of-memory.patch, from 2.6.31 to prevent page allocation failures in guests. (#520119) * Mon Sep 28 2009 Chuck Ebbert 2.6.30.8-69 - Add linux-2.6-kvm-revert-x86-check-for-cr3-validity.patch, from 2.6.32-rc, fixes bug #525743 * Mon Sep 28 2009 Chuck Ebbert 2.6.30.8-68 - Drop sched-disable-NEW-FAIR-SLEEPERS-for-now.patch, reported to cause problems on 2.6.30. * Sat Sep 26 2009 Chuck Ebbert 2.6.30.8-67 - Scheduler fixes cherry-picked from 2.6.32 * Sat Sep 26 2009 Chuck Ebbert 2.6.30.8-66 - Backport "appletalk: Fix skb leak when ipddp interface is not loaded" (fixes CVE-2009-2903) * Sat Sep 26 2009 Chuck Ebbert 2.6.30.8-65 - KVM fixes from 2.6.31.1, including fix for CVE-2009-3290 * Fri Sep 25 2009 Chuck Ebbert 2.6.30.8-64 - Fix serious CFQ performance regression. * Fri Sep 25 2009 Chuck Ebbert 2.6.30.8-63 - Disable the GEM graphics manager on i686 PAE kernels (fixes modesetting on Intel graphics.) * Fri Sep 25 2009 Chuck Ebbert 2.6.30.8-62 - Fix breakage in hostap driver (#522269) * Thu Sep 24 2009 Chuck Ebbert 2.6.30.8-61 - Backport the cpuidle-faster-io fix from Fedora 12 to fix I/O performance problems when reading/writing multiple disks. * Thu Sep 24 2009 Chuck Ebbert 2.6.30.8-60 - Linux 2.6.30.8 * Thu Sep 24 2009 Chuck Ebbert 2.6.30.7-59 - Disable sound powersave by default; it still pops when playing sounds. (#523836) * Wed Sep 16 2009 Justin M. Forbes 2.6.30.7-58 - Revert virtio_blk to rotational mode. (#509383) * Tue Sep 15 2009 Chuck Ebbert 2.6.30.7-57 - Linux 2.6.30.7 * Tue Sep 15 2009 Chuck Ebbert 2.6.30.7-56.rc1 - Fix CIFS security flags mask broken in 2.6.30 (#523173) * Tue Sep 15 2009 Chuck Ebbert 2.6.30.7-55.rc1 - Fix cpufreq lockdep warnings (#522685) * Sat Sep 12 2009 Chuck Ebbert 2.6.30.7-54.rc1 - 2.6.30.7-rc1 - Drop patches merged in -stable: linux-2.6-slub-fix-destroy-by-rcu.patch * Thu Sep 10 2009 Dennis Gilmore 2.6.30.6-53 - kgdb only works on sparc64 smp kernels so disable on the up one and enable on the smp one - update to 256 cpus supported on sparc64 smp * Wed Sep 9 2009 Chuck Ebbert 2.6.30.6-52 - Add linux-2.6-slub-fix-destroy-by-rcu.patch (fixes bug in 2.6.30.4) * Wed Sep 9 2009 Chuck Ebbert 2.6.30.6-51 - 2.6.30.6 - Drop patches merged in -stable: do_sigaltstack-avoid-copying-stack_t-as-a-structure-to-userspace.patch linux-2.6-x86-dont-send-ipi-to-empty-set-cpus.patch linux-2.6-bitmap-make-ops-return-result.patch linux-2.6-x86-dont-call-send-ipi-mask-with-empty-mask.patch linux-2.6-clone-fix-race-between-copy-process-and-de-thread.patch linux-2.6-kthreads-fix-kthread-create-vs-kthread-stop.patch linux-2.6-xen-x86-dont-probe-if-apics-are-disabled.patch * Tue Sep 8 2009 Chuck Ebbert 2.6.30.5-50 - Disable Amiga One support to fix powerpc coherency bug (#521703) * Fri Sep 4 2009 Chuck Ebbert 2.6.30.5-49 - Fix build system getting confused during firmware install. * Fri Sep 4 2009 Chuck Ebbert 2.6.30.5-48 - Added additional fixes needed for #514787: linux-2.6-ppc64-vs-broadcom-lmb-no-init-*.patch - Fix up lirc patch context so it applies. * Wed Sep 2 2009 Jarod Wilson - Make it possible to rmmod lirc_zilog w/o it hanging indefinitely - Add transmit support (via port 2 only) on 1st-gen mceusb transceiver * Tue Sep 1 2009 Chuck Ebbert 2.6.30.5-46 - Fix yet another Xen boot crash (#520517) * Tue Sep 1 2009 Jarod Wilson 2.6.30.5-45 - Refresh lirc patches, add new lirc_ene0100 driver - Fix up hdpvr driver for use with modular i2c so that lirc_zilog can actually bind to it - Make lirc_zilog IR transmit and receive work on the hdpvr - Fix audio on PVR-500 when used in same system as HVR-1800 (#480728) * Fri Aug 28 2009 David Woodhouse - Enable Solos DSL driver * Thu Aug 27 2009 Chuck Ebbert 2.6.30.5-43 - Don't load the floppy driver automatically: linux-2.6-defaults-die-floppy-die.patch * Thu Aug 27 2009 Chuck Ebbert 2.6.30.5-42 - Fix stackprotector problems with Xen on x86_64. - Disable stackprotector on i386 until 32-bit Xen gets fixed. * Thu Aug 27 2009 Chuck Ebbert 2.6.30.5-41 - linux-2.6-kthreads-fix-kthread-create-vs-kthread-stop.patch: fix race in kthreads. * Thu Aug 27 2009 Justin M. Forbes 2.6.30.5-40 - xen: Fix guest crash when trying to debug. (#458385) * Thu Aug 27 2009 John W. Linville 2.6.30.5-39 - zd1211rw: adding 083a:e503 as a ZD1211B device (#518538) * Thu Aug 27 2009 Chuck Ebbert 2.6.30.5-38 - Fix string overflows found by stackprotector: hda-check-strcpy-length.patch linux-2.6-v4l-dvb-af9015-fix-stack-corruption.patch * Thu Aug 27 2009 Chuck Ebbert 2.6.30.5-37 - Fix race in clone() syscall. * Thu Aug 27 2009 Chuck Ebbert 2.6.30.5-36 - Fix hangs on older x86 systems with 440*X chipsets. * Fri Aug 21 2009 David Woodhouse - Fix b43 on iMac G5 (#514787) * Tue Aug 18 2009 Kyle McMartin - Backport several upstream commits 52dec22e739eec8f3a0154f768a599f5489048bd to improve mmap_min_addr. - CVE-2009-2847: do_sigaltstack: avoid copying 'stack_t' as a structure to user space * Mon Aug 17 2009 Chuck Ebbert 2.6.30.5-32 - Change config options: CONFIG_SCSI_DEBUG=m CONFIG_PCI_MSI_DEFAULT_ON=y * Mon Aug 17 2009 Jarod Wilson 2.6.30.5-31 - Fix flub in prior lirc patch update that resulted in no lirc drivers getting built * Sun Aug 16 2009 Chuck Ebbert 2.6.30.5-29 - Linux 2.6.30.5 * Fri Aug 14 2009 Chuck Ebbert 2.6.30.5-28.rc2 - Linux 2.6.30.5-rc2 - Dropped drm-intel-tv-fix.patch, merged in -stable now. * Wed Aug 12 2009 Kyle McMartin - drm-no-gem-on-i8xx.patch: fix misspelled IS_8XX & IS_I845G, sigh. * Wed Aug 12 2009 Kyle McMartin - DRM patch sync-up with F-11-2.6.29.y, ABI probably isn't right yet though... - drm-modesetting-radeon.patch - drm-nouveau.patch - drm-no-gem-on-i8xx.patch - drm-i915-resume-force-mode.patch - drm-intel-big-hammer.patch - drm-intel-gen3-fb-hack.patch - drm-intel-hdmi-edid-fix.patch - drm-modesetting-radeon-fixes.patch - drm-radeon-new-pciids.patch - drm-dont-frob-i2c.patch - drm-intel-tv-fix.patch - drm-radeon-cs-oops-fix.patch - drm-pnp-add-resource-range-checker.patch - drm-i915-enable-mchbar.patch - The rest were merged upstream. * Wed Aug 12 2009 John W. Linville - iwlwifi: fix TX queue race * Mon Aug 10 2009 Kyle McMartin - Patch sync-up with F-11-2.6.29.y: - linux-2.6-x86-delay-tsc-barrier.patch - linux-2.6-fs-cifs-fix-port-numbers.patch - linux-2.6-kvm-skip-pit-check.patch - linux-2.6.29-xen-disable-gbpages.patch - linux-2.6-virtio_blk-dont-bounce-highmem-requests.patch - linux-2.6-drivers-char-low-latency-removal.patch - linux-2.6-serial-add-txen-test-param.patch - linux-2.6-input-wacom-bluetooth.patch - linux-2.6-defaults-saner-vm-settings.patch - linux-2.6-mm-lru-evict-streaming-io-pages-first.patch - linux-2.6-mm-lru-report-vm-flags-in-page-referenced.patch - linux-2.6-mm-lru-dont-evict-mapped-executable-pages.patch - linux-2.6-utrace.patch - linux-2.6-utrace-ftrace.patch - linux-2.6-tracehook.patch * Mon Aug 10 2009 Jarod Wilson - Add tunable pad threshold support to lirc_imon - Blacklist all iMON devices in usbhid driver so lirc_imon can bind - Add new device ID to lirc_mceusb (#512483) - Enable IR transceiver on the HD PVR * Wed Aug 5 2009 Kyle McMartin - Update to released 2.6.30.4. - Drop now-unneeded upstream reverts. * Wed Jul 29 2009 Chuck Ebbert - Linux 2.6.30.4-rc1 * Mon Jul 27 2009 Neil Horman - Backport xfrm gc_thresh export code (bz 503124) * Fri Jul 24 2009 Kyle McMartin - CONFIG_DEFAULT_MMAP_MIN_ADDR=65536 [i386 x86_64], 4096 elsewhere, as per defconfigs. - Blat patches from other tag, now to rebase fixes, splat in the changelog, and tag it for building. * Fri Jul 24 2009 Kyle McMartin - Copy over release configs from devel-2.6.30 tag. - Fix up some spec deviations. * Fri Jul 24 2009 Kyle McMartin - Linux 2.6.30.3 rebase for Fedora 11. - Fedora 11 2.6.29 branch is on tag private-fedora-11-2_6_29_6.

References

[ 1 ] Bug #544144 - CVE-2009-1298 kernel: ip_frag_reasm() NULL pointer dereference https://bugzilla.redhat.com/show_bug.cgi?id=544144

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update kernel' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : kernel
Product : Fedora 11
Version : 2.6.30.9
Release : 102.fc11
URL : https://www.kernel.org/
Summary : The Linux kernel

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved